~mdw / tripe / blame
| Commit | Line | Data |
|---|---|---|
| 0cc76618 MW |
1 | ### -*-sh-*- |
| 2 | ### | |
| 3 | ### This file is sourced as a Bourne shell script by tripe's startup script. | |
| 4 | ### There are vaguely sane defaults. | |
| 5 | ||
| 6 | ## The directory you want tripe to work in. This is where it will search for | |
| 7 | ## keyrings, and where its admin socket and logfile are kept. The default is | |
| 8 | ## the CONFIGDIR established at `configure' time, via the `--with-configdir' | |
| 9 | ## option. | |
| 10 | ## | |
| 11 | #TRIPEDIR=/etc/tripe | |
| 12 | ||
| 13 | ## The tag or type of the private key to use. This is usually `tripe'; the | |
| 14 | ## default is to try both `tripe' or `tripe-dh', in that order. | |
| 15 | ## | |
| 16 | #keytag=tripe | |
| 17 | ||
| 18 | ## The address you want tripe to bind to. By default, tripe will accept | |
| 19 | ## packets to any address acceptable to the host, and send packets from the | |
| 20 | ## most appropriate address for the destination; setting this means it will | |
| 21 | ## (a) only accept packets destined for the named address, and (b) send | |
| 22 | ## packets from the named address. The latter is probably more useful. | |
| 23 | ## | |
| 24 | #addr=MYHOST | |
| 25 | ||
| 26 | ## The UDP port you want tripe to use. The default is 4070, which is | |
| 27 | ## officially allocated by the IANA. If you explicitly specify port 0 then | |
| 28 | ## tripe gets the kernel to choose a port it's not using right now, and you | |
| 29 | ## have to dig it out by saying `tripectl port'. | |
| 30 | ## | |
| 31 | #port=4070 | |
| 32 | ||
| 33 | ## The tunnel device you want tripe to use. The default is to use a system- | |
| 34 | ## specific device, if there's one compiled in, or SLIP if not. | |
| 35 | ## | |
| 36 | #tunnel=slip | |
| 37 | ||
| 38 | ## The user to run as once tripe has initialized. TrIPE keeps a separate | |
| 39 | ## process running as `root' specifically to open new tunnel devices, but | |
| 40 | ## this doesn't work for SLIP devices; in this case, you must ensure that the | |
| 41 | ## user (and/or group) you choose has sufficient privileges to request new | |
| 42 | ## SLIP tunnels -- or acquires sufficient tunnels at startup time. The | |
| 43 | ## default is not to change user. | |
| 44 | ## | |
| 45 | #user=tripe | |
| 46 | ||
| 47 | ## The group to run as once tripe has initialized. See caveats for `user' | |
| 48 | ## above. The default is not to change group. | |
| 49 | ## | |
| 50 | #group=tripe | |
| 51 | ||
| a9279e37 MW |
52 | ## The permissions to set on the administration socket. The default is 600, |
| 53 | ## which allows only the configured user to connect. Setting 660 allows | |
| 54 | ## all members of the group to administer the server, which might be useful. | |
| 55 | ## Setting this to 666 is probably a really bad idea. | |
| 1cd39ec4 | 56 | #sockmode=600 |
| a9279e37 | 57 | |
| 0cc76618 MW |
58 | ## Trace options to pass to tripe. The default is no tracing. The setting |
| 59 | ## `A-cp' gives maxmimum possible verbosity without leaking important | |
| 60 | ## secrets. | |
| 61 | ## | |
| 62 | #trace=A-cp | |
| 63 | ||
| 64 | ## Any other options to pass on to tripectl. (If you want to pass options on | |
| 65 | ## to the tripe server itself, you'll need to put -SARG,ARG,... in here.) | |
| 66 | ## The default is not to pass additional options. | |
| 67 | ## | |
| 68 | #miscopts= | |
| 69 | ||
| 70 | ## Logfile to write to. The default is determined by the `--with-logfile' | |
| ae8928d2 MW |
71 | ## configure option, which defaults to `./tripe.log' (relative to |
| 72 | ## $TRIPEDIR). This may be set to `-' to write the log to stdout, or `!' to | |
| 73 | ## write to stderr. | |
| 0cc76618 MW |
74 | ## |
| 75 | #logfile=/var/log/tripe | |
| 76 | ||
| ae8928d2 MW |
77 | ## Whether to write a log to syslog. If this is something other than `nil', |
| 78 | ## then logs are written to syslog. If `syslogp' is non-nil and `logfile' | |
| 79 | ## above is unset then no logs are written to files. | |
| 80 | #syslogp=nil | |
| 81 | ||
| 0cc76618 MW |
82 | ## Where to put tripectl's pidfile when it starts up. The default is |
| 83 | ## determined by the `--with-pidfile' configure option, which defaults to | |
| 84 | ## `./tripectl.pid' (relative to $TRIPEDIR). | |
| 85 | ## | |
| 86 | #pidfile=/var/run/tripectl.pid | |
| 1cecc933 MW |
87 | |
| 88 | ## How to open SLIP interfaces. The value is a sequece of zero or more | |
| 89 | ## static allocations, followed optionally by the name of a dynamic | |
| 90 | ## allocation script, all separated by colons. A static allocation has the | |
| 91 | ## form `INFD[,OUTFD]=IFNAME', declaring that the interface IFNAME can be | |
| 92 | ## read from file descriptor INFD and written from file descriptor OUTFD | |
| 93 | ## (defaults to the same as INFD). The dynamic allocation script name must | |
| 94 | ## begin with `/' or `.' (interpreted relative to $TRIPEDIR); the script must | |
| 95 | ## write an interface name to standard output followed by a newline, and | |
| 96 | ## thereafter speak SLIP over standard input/output; stdin will be closed | |
| 97 | ## (and the script process sent SIGTERM) when the interface is no longer | |
| 98 | ## needed. | |
| 99 | ## | |
| 100 | #TRIPE_SLIPIF= |