zenfyr.dev / composition
docker is gnuimpware, it's podman quadlet millennium
docker containers
fork atom

initial

zenfyr.dev e729470a

+618
unified split
+121
LICENSE
··· 1 + Creative Commons Legal Code 2 + 3 + CC0 1.0 Universal 4 + 5 + CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE 6 + LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN 7 + ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS 8 + INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES 9 + REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS 10 + PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM 11 + THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED 12 + HEREUNDER. 13 + 14 + Statement of Purpose 15 + 16 + The laws of most jurisdictions throughout the world automatically confer 17 + exclusive Copyright and Related Rights (defined below) upon the creator 18 + and subsequent owner(s) (each and all, an "owner") of an original work of 19 + authorship and/or a database (each, a "Work"). 20 + 21 + Certain owners wish to permanently relinquish those rights to a Work for 22 + the purpose of contributing to a commons of creative, cultural and 23 + scientific works ("Commons") that the public can reliably and without fear 24 + of later claims of infringement build upon, modify, incorporate in other 25 + works, reuse and redistribute as freely as possible in any form whatsoever 26 + and for any purposes, including without limitation commercial purposes. 27 + These owners may contribute to the Commons to promote the ideal of a free 28 + culture and the further production of creative, cultural and scientific 29 + works, or to gain reputation or greater distribution for their Work in 30 + part through the use and efforts of others. 31 + 32 + For these and/or other purposes and motivations, and without any 33 + expectation of additional consideration or compensation, the person 34 + associating CC0 with a Work (the "Affirmer"), to the extent that he or she 35 + is an owner of Copyright and Related Rights in the Work, voluntarily 36 + elects to apply CC0 to the Work and publicly distribute the Work under its 37 + terms, with knowledge of his or her Copyright and Related Rights in the 38 + Work and the meaning and intended legal effect of CC0 on those rights. 39 + 40 + 1. Copyright and Related Rights. A Work made available under CC0 may be 41 + protected by copyright and related or neighboring rights ("Copyright and 42 + Related Rights"). Copyright and Related Rights include, but are not 43 + limited to, the following: 44 + 45 + i. the right to reproduce, adapt, distribute, perform, display, 46 + communicate, and translate a Work; 47 + ii. moral rights retained by the original author(s) and/or performer(s); 48 + iii. publicity and privacy rights pertaining to a person's image or 49 + likeness depicted in a Work; 50 + iv. rights protecting against unfair competition in regards to a Work, 51 + subject to the limitations in paragraph 4(a), below; 52 + v. rights protecting the extraction, dissemination, use and reuse of data 53 + in a Work; 54 + vi. database rights (such as those arising under Directive 96/9/EC of the 55 + European Parliament and of the Council of 11 March 1996 on the legal 56 + protection of databases, and under any national implementation 57 + thereof, including any amended or successor version of such 58 + directive); and 59 + vii. other similar, equivalent or corresponding rights throughout the 60 + world based on applicable law or treaty, and any national 61 + implementations thereof. 62 + 63 + 2. Waiver. To the greatest extent permitted by, but not in contravention 64 + of, applicable law, Affirmer hereby overtly, fully, permanently, 65 + irrevocably and unconditionally waives, abandons, and surrenders all of 66 + Affirmer's Copyright and Related Rights and associated claims and causes 67 + of action, whether now known or unknown (including existing as well as 68 + future claims and causes of action), in the Work (i) in all territories 69 + worldwide, (ii) for the maximum duration provided by applicable law or 70 + treaty (including future time extensions), (iii) in any current or future 71 + medium and for any number of copies, and (iv) for any purpose whatsoever, 72 + including without limitation commercial, advertising or promotional 73 + purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each 74 + member of the public at large and to the detriment of Affirmer's heirs and 75 + successors, fully intending that such Waiver shall not be subject to 76 + revocation, rescission, cancellation, termination, or any other legal or 77 + equitable action to disrupt the quiet enjoyment of the Work by the public 78 + as contemplated by Affirmer's express Statement of Purpose. 79 + 80 + 3. Public License Fallback. Should any part of the Waiver for any reason 81 + be judged legally invalid or ineffective under applicable law, then the 82 + Waiver shall be preserved to the maximum extent permitted taking into 83 + account Affirmer's express Statement of Purpose. In addition, to the 84 + extent the Waiver is so judged Affirmer hereby grants to each affected 85 + person a royalty-free, non transferable, non sublicensable, non exclusive, 86 + irrevocable and unconditional license to exercise Affirmer's Copyright and 87 + Related Rights in the Work (i) in all territories worldwide, (ii) for the 88 + maximum duration provided by applicable law or treaty (including future 89 + time extensions), (iii) in any current or future medium and for any number 90 + of copies, and (iv) for any purpose whatsoever, including without 91 + limitation commercial, advertising or promotional purposes (the 92 + "License"). The License shall be deemed effective as of the date CC0 was 93 + applied by Affirmer to the Work. Should any part of the License for any 94 + reason be judged legally invalid or ineffective under applicable law, such 95 + partial invalidity or ineffectiveness shall not invalidate the remainder 96 + of the License, and in such case Affirmer hereby affirms that he or she 97 + will not (i) exercise any of his or her remaining Copyright and Related 98 + Rights in the Work or (ii) assert any associated claims and causes of 99 + action with respect to the Work, in either case contrary to Affirmer's 100 + express Statement of Purpose. 101 + 102 + 4. Limitations and Disclaimers. 103 + 104 + a. No trademark or patent rights held by Affirmer are waived, abandoned, 105 + surrendered, licensed or otherwise affected by this document. 106 + b. Affirmer offers the Work as-is and makes no representations or 107 + warranties of any kind concerning the Work, express, implied, 108 + statutory or otherwise, including without limitation warranties of 109 + title, merchantability, fitness for a particular purpose, non 110 + infringement, or the absence of latent or other defects, accuracy, or 111 + the present or absence of errors, whether or not discoverable, all to 112 + the greatest extent permissible under applicable law. 113 + c. Affirmer disclaims responsibility for clearing rights of other persons 114 + that may apply to the Work or any use thereof, including without 115 + limitation any person's Copyright and Related Rights in the Work. 116 + Further, Affirmer disclaims responsibility for obtaining any necessary 117 + consents, permissions or other rights required for any use of the 118 + Work. 119 + d. Affirmer understands and acknowledges that Creative Commons is not a 120 + party to this document and has no duty or obligation with respect to 121 + this CC0 or use of the Work.
+3
README.md
··· 1 + # composition 2 + 3 + a collection of docker-compose related stuff, mainly service configs
+57
i2pd-tools/Dockerfile
··· 1 + # Use the official Debian stable slim image 2 + FROM debian:stable-slim AS base 3 + 4 + # prevent interactive prompts during package installation 5 + ARG DEBIAN_FRONTEND=noninteractive 6 + 7 + # Install dependencies 8 + RUN apt-get update && apt-get install -y --no-install-recommends \ 9 + libboost-dev \ 10 + libboost-chrono-dev \ 11 + libboost-date-time-dev \ 12 + libboost-filesystem-dev \ 13 + libboost-program-options-dev \ 14 + libboost-system-dev \ 15 + libboost-thread-dev \ 16 + libssl-dev \ 17 + zlib1g-dev 18 + 19 + FROM base AS builder 20 + 21 + # Install build dependencies 22 + RUN apt-get install -y --no-install-recommends \ 23 + make \ 24 + gcc g++ 25 + 26 + # Copy sources into the layer 27 + COPY . /opt/i2pd-tools 28 + WORKDIR /opt/i2pd-tools 29 + 30 + # Build all the tools 31 + RUN make -j"$(nproc)" 32 + 33 + FROM base 34 + 35 + # Copy binaries to base layer 36 + COPY --from=builder \ 37 + /opt/i2pd-tools/autoconf \ 38 + /opt/i2pd-tools/keygen \ 39 + /opt/i2pd-tools/keyinfo \ 40 + /opt/i2pd-tools/famtool \ 41 + /opt/i2pd-tools/i2pbase64 \ 42 + /opt/i2pd-tools/regaddr \ 43 + /opt/i2pd-tools/regaddralias \ 44 + /opt/i2pd-tools/routerinfo \ 45 + /opt/i2pd-tools/vain \ 46 + /opt/i2pd-tools/b33address \ 47 + /opt/i2pd-tools/offlinekeys \ 48 + /opt/i2pd-tools/regaddr_3ld \ 49 + /opt/i2pd-tools/verifyhost \ 50 + /opt/i2pd-tools/x25519 \ 51 + /usr/local/bin/ 52 + 53 + WORKDIR /data 54 + 55 + # Drop into a shell by default so you can run any tool interactively 56 + CMD ["bash"] 57 +
+21
i2pd-tools/README.md
··· 1 + # i2pd-tools 2 + 3 + this is a Dockerfile for [i2pd-tools](https://github.com/purplei2p/i2pd-tools), mainly to use with `vain`. 4 + 5 + to build, first clone the i2pd-tools repo: 6 + 7 + ``` 8 + git clone --recursive https://github.com/purplei2p/i2pd-tools 9 + ``` 10 + 11 + then: 12 + 13 + ``` 14 + docker build -t melontini/i2pd-tools . 15 + ``` 16 + 17 + now you can run, for example, `vain` to get a vanity address: 18 + 19 + ``` 20 + docker run --rm -it -v "$PWD":/data melontini/i2pd-tools:latest vain hawk2 21 + ```
+14
i2pd/README.md
··· 1 + # i2pd 2 + 3 + based on the https://hub.docker.com/r/purplei2p/i2pd image. this doesn't require host networking, but this config uses it anyway because it's easier. 4 + 5 + if you're facing permission issues, before starting, make the data dir world writable. 6 + 7 + ``` 8 + mkdir -p ./data 9 + chmod -R 777 ./data 10 + ``` 11 + 12 + check and modify i2pd.conf and tunnels.conf before starting the service! enables ssh access over i2p on port 22 by default! 13 + 14 + learn more about i2p https://geti2p.net/en/ and i2pd https://i2pd.website/
+8
i2pd/compose.yml
··· 1 + services: 2 + i2pd: 3 + image: purplei2p/i2pd 4 + container_name: i2pd 5 + network_mode: host 6 + restart: unless-stopped 7 + volumes: 8 + - "./data:/home/i2pd/data"
+279
i2pd/data/i2pd.conf
··· 1 + ## Configuration file for a typical i2pd user 2 + ## See https://i2pd.readthedocs.io/en/latest/user-guide/configuration/ 3 + ## for more options you can use in this file. 4 + 5 + ## Lines that begin with "## " try to explain what's going on. Lines 6 + ## that begin with just "#" are disabled commands: you can enable them 7 + ## by removing the "#" symbol. 8 + 9 + ## Tunnels config file 10 + ## Default: ~/.i2pd/tunnels.conf or /var/lib/i2pd/tunnels.conf 11 + # tunconf = /var/lib/i2pd/tunnels.conf 12 + 13 + ## Tunnels config files path 14 + ## Use that path to store separated tunnels in different config files. 15 + ## Default: ~/.i2pd/tunnels.d or /var/lib/i2pd/tunnels.d 16 + # tunnelsdir = /var/lib/i2pd/tunnels.d 17 + 18 + ## Path to certificates used for verifying .su3, families 19 + ## Default: ~/.i2pd/certificates or /var/lib/i2pd/certificates 20 + # certsdir = /var/lib/i2pd/certificates 21 + 22 + ## Where to write pidfile (default: /run/i2pd.pid, not used in Windows) 23 + # pidfile = /run/i2pd.pid 24 + 25 + ## Logging configuration section 26 + ## By default logs go to stdout with level 'info' and higher 27 + ## For Windows OS by default logs go to file with level 'warn' and higher 28 + ## 29 + ## Logs destination (valid values: stdout, file, syslog) 30 + ## * stdout - print log entries to stdout 31 + ## * file - log entries to a file 32 + ## * syslog - use syslog, see man 3 syslog 33 + # log = file 34 + ## Path to logfile (default: autodetect) 35 + # logfile = /var/log/i2pd/i2pd.log 36 + ## Log messages above this level (debug, info, *warn, error, critical, none) 37 + ## If you set it to none, logging will be disabled 38 + # loglevel = warn 39 + ## Write full CLF-formatted date and time to log (default: write only time) 40 + # logclftime = true 41 + 42 + ## Daemon mode. Router will go to background after start. Ignored on Windows 43 + ## (default: true) 44 + # daemon = true 45 + 46 + ## Specify a family, router belongs to (default - none) 47 + # family = 48 + 49 + ## Network interface to bind to 50 + ## Updates address4/6 options if they are not set 51 + # ifname = 52 + ## You can specify different interfaces for IPv4 and IPv6 53 + # ifname4 = 54 + # ifname6 = 55 + 56 + ## Local address to bind transport sockets to 57 + ## Overrides host option if: 58 + ## For ipv4: if ipv4 = true and nat = false 59 + ## For ipv6: if 'host' is not set or ipv4 = true 60 + # address4 = 61 + # address6 = 62 + 63 + ## External IPv4 or IPv6 address to listen for connections 64 + ## By default i2pd sets IP automatically 65 + ## Sets published NTCP2v4/SSUv4 address to 'host' value if nat = true 66 + ## Sets published NTCP2v6/SSUv6 address to 'host' value if ipv4 = false 67 + # host = 1.2.3.4 68 + 69 + ## Port to listen for connections 70 + ## By default i2pd picks random port. You MUST pick a random number too, 71 + ## don't just uncomment this 72 + # port = 60668 73 + 74 + ## Enable communication through ipv4 (default: true) 75 + ipv4 = true 76 + ## Enable communication through ipv6 (default: false) 77 + ipv6 = true 78 + 79 + ## Bandwidth configuration 80 + ## L limit bandwidth to 32 KB/sec, O - to 256 KB/sec, P - to 2048 KB/sec, 81 + ## X - unlimited 82 + ## Default is L (regular node) and X if floodfill mode enabled. 83 + ## If you want to share more bandwidth without floodfill mode, uncomment 84 + ## that line and adjust value to your possibilities. Value can be set to 85 + ## integer in kilobytes, it will apply that limit and flag will be used 86 + ## from next upper limit (example: if you set 4096 flag will be X, but real 87 + ## limit will be 4096 KB/s). Same can be done when floodfill mode is used, 88 + ## but keep in mind that low values may be negatively evaluated by Java 89 + ## router algorithms. 90 + # bandwidth = L 91 + ## Max % of bandwidth limit for transit. 0-100 (default: 100) 92 + # share = 100 93 + 94 + ## Router will not accept transit tunnels, disabling transit traffic completely 95 + ## (default: false) 96 + # notransit = true 97 + 98 + ## Router will be floodfill (default: false) 99 + ## Note: that mode uses much more network connections and CPU! 100 + # floodfill = true 101 + 102 + [ntcp2] 103 + ## Enable NTCP2 transport (default: true) 104 + # enabled = true 105 + ## Publish address in RouterInfo (default: true) 106 + # published = true 107 + ## Port for incoming connections (default is global port option value) 108 + # port = 4567 109 + 110 + [ssu2] 111 + ## Enable SSU2 transport (default: true) 112 + # enabled = true 113 + ## Publish address in RouterInfo (default: true) 114 + # published = true 115 + ## Port for incoming connections (default is global port option value) 116 + # port = 4567 117 + 118 + [http] 119 + ## Web Console settings 120 + ## Enable the Web Console (default: true) 121 + # enabled = true 122 + ## Address and port service will listen on (default: 127.0.0.1:7070) 123 + # address = 127.0.0.1 124 + # port = 7070 125 + ## Path to web console (default: /) 126 + # webroot = / 127 + ## Enable Web Console authentication (default: false) 128 + ## You should not use Web Console via public networks without additional encryption. 129 + ## HTTP authentication is not encryption layer! 130 + # auth = true 131 + # user = i2pd 132 + # pass = changeme 133 + ## Select webconsole language 134 + ## Currently supported english (default), afrikaans, armenian, chinese, czech, french, 135 + ## german, italian, polish, portuguese, russian, spanish, turkish, turkmen, ukrainian 136 + ## and uzbek languages 137 + # lang = english 138 + 139 + [httpproxy] 140 + ## Enable the HTTP proxy (default: true) 141 + enabled = false 142 + ## Address and port service will listen on (default: 127.0.0.1:4444) 143 + # address = 127.0.0.1 144 + # port = 4444 145 + ## Optional keys file for proxy local destination (default: http-proxy-keys.dat) 146 + # keys = http-proxy-keys.dat 147 + ## Enable address helper for adding .i2p domains with "jump URLs" (default: true) 148 + ## You should disable this feature if your i2pd HTTP Proxy is public, 149 + ## because anyone could spoof the short domain via addresshelper and forward other users to phishing links 150 + # addresshelper = true 151 + ## Address of a proxy server inside I2P, which is used to visit regular Internet 152 + # outproxy = http://false.i2p 153 + ## httpproxy section also accepts I2CP parameters, like "inbound.length" etc. 154 + 155 + [socksproxy] 156 + ## Enable the SOCKS proxy (default: true) 157 + enabled = false 158 + ## Address and port service will listen on (default: 127.0.0.1:4447) 159 + # address = 127.0.0.1 160 + # port = 4447 161 + ## Optional keys file for proxy local destination (default: socks-proxy-keys.dat) 162 + # keys = socks-proxy-keys.dat 163 + ## Socks outproxy. Example below is set to use Tor for all connections except i2p 164 + ## Enable using of SOCKS outproxy (works only with SOCKS4, default: false) 165 + # outproxy.enabled = false 166 + ## Address and port of outproxy 167 + # outproxy = 127.0.0.1 168 + # outproxyport = 9050 169 + ## socksproxy section also accepts I2CP parameters, like "inbound.length" etc. 170 + 171 + [sam] 172 + ## Enable the SAM bridge (default: true) 173 + # enabled = false 174 + ## Address and ports service will listen on (default: 127.0.0.1:7656, udp: 7655) 175 + # address = 127.0.0.1 176 + # port = 7656 177 + # portudp = 7655 178 + 179 + [bob] 180 + ## Enable the BOB command channel (default: false) 181 + # enabled = false 182 + ## Address and port service will listen on (default: 127.0.0.1:2827) 183 + # address = 127.0.0.1 184 + # port = 2827 185 + 186 + [i2cp] 187 + ## Enable the I2CP protocol (default: false) 188 + # enabled = false 189 + ## Address and port service will listen on (default: 127.0.0.1:7654) 190 + # address = 127.0.0.1 191 + # port = 7654 192 + 193 + [i2pcontrol] 194 + ## Enable the I2PControl protocol (default: false) 195 + # enabled = false 196 + ## Address and port service will listen on (default: 127.0.0.1:7650) 197 + # address = 127.0.0.1 198 + # port = 7650 199 + ## Authentication password (default: itoopie) 200 + # password = itoopie 201 + 202 + [precomputation] 203 + ## Enable or disable elgamal precomputation table 204 + ## By default, enabled on i386 hosts 205 + # elgamal = true 206 + 207 + [upnp] 208 + ## Enable or disable UPnP: automatic port forwarding (enabled by default in WINDOWS, ANDROID) 209 + # enabled = false 210 + ## Name i2pd appears in UPnP forwardings list (default: I2Pd) 211 + # name = I2Pd 212 + 213 + [meshnets] 214 + ## Enable connectivity over the Yggdrasil network (default: false) 215 + # yggdrasil = true 216 + ## You can bind address from your Yggdrasil subnet 300::/64 217 + ## The address must first be added to the network interface 218 + # yggaddress = 219 + 220 + [reseed] 221 + ## Options for bootstrapping into I2P network, aka reseeding 222 + ## Enable reseed data verification (default: true) 223 + verify = true 224 + ## URLs to request reseed data from, separated by comma 225 + ## Default: "mainline" I2P Network reseeds 226 + # urls = https://reseed.i2p-projekt.de/,https://i2p.mooo.com/netDb/,https://netdb.i2p2.no/ 227 + ## Reseed URLs through the Yggdrasil, separated by comma 228 + # yggurls = http://[324:71e:281a:9ed3::ace]:7070/ 229 + ## Path to local reseed data file (.su3) for manual reseeding 230 + # file = /path/to/i2pseeds.su3 231 + ## or HTTPS URL to reseed from 232 + # file = https://legit-website.com/i2pseeds.su3 233 + ## Path to local ZIP file or HTTPS URL to reseed from 234 + # zipfile = /path/to/netDb.zip 235 + ## If you run i2pd behind a proxy server, set proxy server for reseeding here 236 + ## Should be http://address:port or socks://address:port 237 + # proxy = http://127.0.0.1:8118 238 + ## Minimum number of known routers, below which i2pd triggers reseeding (default: 25) 239 + # threshold = 25 240 + 241 + [addressbook] 242 + ## AddressBook subscription URL for initial setup 243 + ## Default: reg.i2p at "mainline" I2P Network 244 + # defaulturl = http://shx5vqsw7usdaunyzr2qmes2fq37oumybpudrd4jjj4e4vk4uusa.b32.i2p/hosts.txt 245 + ## Optional subscriptions URLs, separated by comma 246 + # subscriptions = http://reg.i2p/hosts.txt,http://identiguy.i2p/hosts.txt,http://stats.i2p/cgi-bin/newhosts.txt 247 + 248 + [limits] 249 + ## Maximum active transit sessions (default: 10000) 250 + ## This value is doubled if floodfill mode is enabled! 251 + # transittunnels = 10000 252 + ## Limit number of open file descriptors (0 - use system limit) 253 + # openfiles = 0 254 + ## Maximum size of corefile in Kb (0 - use system limit) 255 + # coresize = 0 256 + 257 + [trust] 258 + ## Enable explicit trust options. (default: false) 259 + # enabled = true 260 + ## Make direct I2P connections only to routers in specified Family. 261 + # family = MyFamily 262 + ## Make direct I2P connections only to routers specified here. Comma separated list of base64 identities. 263 + # routers = 264 + ## Should we hide our router from other routers? (default: false) 265 + # hidden = true 266 + 267 + [exploratory] 268 + ## Exploratory tunnels settings with default values 269 + # inbound.length = 2 270 + # inbound.quantity = 3 271 + # outbound.length = 2 272 + # outbound.quantity = 3 273 + 274 + [persist] 275 + ## Save peer profiles on disk (default: true) 276 + # profiles = true 277 + ## Save full addresses on disk (default: true) 278 + # addressbook = true 279 +
+10
i2pd/data/tunnels.conf
··· 1 + [ssh-server] 2 + type = server 3 + host = 127.0.0.1 4 + port = 22 5 + inbound.length = 1 6 + outbound.length = 1 7 + inbound.quantity = 5 8 + outbound.quantity = 5 9 + i2cp.reduceOnIdle = true 10 + keys = ssh-in.dat
+7
yggdrasil/README.md
··· 1 + # yggdrasil 2 + 3 + based on the https://hub.docker.com/r/jauderho/yggdrasil-go image. this doesn't work with podman due to networling stuff. ygg requires /dev/tun and net admin to route traffic to the daemon. 4 + 5 + the included config file enables NodeInfoPrivacy and changes AdminListen to tcp instead of a socket. 6 + 7 + learn more about the yggdrasil router here: https://yggdrasil-network.github.io/
+16
yggdrasil/compose.yml
··· 1 + services: 2 + yggdrasil: 3 + container_name: yggdrasil 4 + image: jauderho/yggdrasil-go 5 + restart: unless-stopped 6 + network_mode: host 7 + cap_add: 8 + - NET_ADMIN 9 + devices: 10 + - /dev/net/tun:/dev/net/tun 11 + volumes: 12 + - "./yggdrasil.conf:/etc/yggdrasil.conf" 13 + command: 14 + - "yggdrasil" 15 + - "-useconffile" 16 + - "/etc/yggdrasil.conf"
+82
yggdrasil/yggdrasil.conf
··· 1 + { 2 + # Your private key. DO NOT share this with anyone! 3 + PrivateKey: CHANGE_ME 4 + 5 + # List of outbound peer connection strings (e.g. tls://a.b.c.d:e or 6 + # socks://a.b.c.d:e/f.g.h.i:j). Connection strings can contain options, 7 + # see https://yggdrasil-network.github.io/configurationref.html#peers. 8 + # Yggdrasil has no concept of bootstrap nodes - all network traffic 9 + # will transit peer connections. Therefore make sure to only peer with 10 + # nearby nodes that have good connectivity and low latency. Avoid adding 11 + # peers to this list from distant countries as this will worsen your 12 + # node's connectivity and performance considerably. 13 + Peers: [ 14 + ADD_PEERS_HERE 15 + ] 16 + 17 + # List of connection strings for outbound peer connections in URI format, 18 + # arranged by source interface, e.g. { "eth0": [ "tls://a.b.c.d:e" ] }. 19 + # You should only use this option if your machine is multi-homed and you 20 + # want to establish outbound peer connections on different interfaces. 21 + # Otherwise you should use "Peers". 22 + InterfacePeers: {} 23 + 24 + # Listen addresses for incoming connections. You will need to add 25 + # listeners in order to accept incoming peerings from non-local nodes. 26 + # This is not required if you wish to establish outbound peerings only. 27 + # Multicast peer discovery will work regardless of any listeners set 28 + # here. Each listener should be specified in URI format as above, e.g. 29 + # tls://0.0.0.0:0 or tls://[::]:0 to listen on all interfaces. 30 + Listen: [ 31 + 32 + ] 33 + 34 + AdminListen: tcp://localhost:9001 35 + 36 + # Configuration for which interfaces multicast peer discovery should be 37 + # enabled on. Regex is a regular expression which is matched against an 38 + # interface name, and interfaces use the first configuration that they 39 + # match against. Beacon controls whether or not your node advertises its 40 + # presence to others, whereas Listen controls whether or not your node 41 + # listens out for and tries to connect to other advertising nodes. See 42 + # https://yggdrasil-network.github.io/configurationref.html#multicastinterfaces 43 + # for more supported options. 44 + MulticastInterfaces: [ 45 + { 46 + Regex: .* 47 + Beacon: true 48 + Listen: true 49 + Password: "" 50 + } 51 + ] 52 + 53 + # List of peer public keys to allow incoming peering connections 54 + # from. If left empty/undefined then all connections will be allowed 55 + # by default. This does not affect outgoing peerings, nor does it 56 + # affect link-local peers discovered via multicast. 57 + # WARNING: THIS IS NOT A FIREWALL and DOES NOT limit who can reach 58 + # open ports or services running on your machine! 59 + AllowedPublicKeys: [] 60 + 61 + # Local network interface name for TUN adapter, or "auto" to select 62 + # an interface automatically, or "none" to run without TUN. 63 + IfName: auto 64 + 65 + # Maximum Transmission Unit (MTU) size for your local TUN interface. 66 + # Default is the largest supported size for your platform. The lowest 67 + # possible value is 1280. 68 + IfMTU: 65535 69 + 70 + # By default, nodeinfo contains some defaults including the platform, 71 + # architecture and Yggdrasil version. These can help when surveying 72 + # the network and diagnosing network routing problems. Enabling 73 + # nodeinfo privacy prevents this, so that only items specified in 74 + # "NodeInfo" are sent back if specified. 75 + NodeInfoPrivacy: true 76 + 77 + # Optional nodeinfo. This must be a { "key": "value", ... } map 78 + # or set as null. This is entirely optional but, if set, is visible 79 + # to the whole network on request. 80 + NodeInfo: { 81 + } 82 + }