GNUNET.CONF
Section: File Formats (5)
BSD mandoc
NAME
gnunet.conf
- GNUnet configuration file
DESCRIPTION
A GNUnet setup typically consists of a set of service processes run by a
user "gnunet" and a set of user-interface processes run by a standard account.
The default location for the configuration file for the services is
~gnunet/.config/gnunet.conf
However, as normal users also may need read-access to this configuration,
you might want to instead put the service process configuration in
/usr/local/etc/gnunet.conf
gnunet-setup(1),
part of gnunet-gtk, can be used to edit this configuration.
The parts of GNUnet that are run as a normal user may have config
options too and they read from
$HOME/.config/gnunet.conf
The latter config file can skip any options for the services.
The basic structure of the configuration file is the following.
-
The file is split into sections.
-
Every section begins with a token in square brackets.
The current section ends when a new section starts or end of file is
encountered.
-
A section contains a number of options of the form "OPTION=VALUE".
-
Whitespace surrounding the "=" token is stripped out; in other words,
"OPTION = VALUE" and "OPTION=VALUE" are treated as equal.
-
Empty lines and lines beginning with a "#" are treated as comments.
-
Boolean values are given as "YES" and "NO".
Almost all options are optional.
The tools resort to reasonable defaults if an option is not present.
Default values for all of the options can be found in the files in the
$GNUNET_PREFIX/share/gnunet/config.d/
directory.
A typical setup will work out of the box with those.
See the examples section below for some common setups on top of that.
Variable naming conventions and data types
Boolean values for options are set via "YES" or "NO" values, without the
double-quotes.
Options which include "PATH" or "path" define a path on the file-system
and can take additional variables in the path, such as
$GNUNET_TMP
Section names, as listed in more detail below, consist of lowercase letters
only, enclosed in square brackets.
GENERAL OPTIONS
Many options will be common between sections.
They can be repeated under each section with different values.
The "[PATHS]" section is special.
Here, it is possible to specify values for variables like "GNUNET_HOME".
Then, in all filenames that begin with "$GNUNET_HOME" the "$GNUNET_HOME" will
be replaced with the respective value at runtime.
The main use of this is to redefine "$GNUNET_HOME", which by default points to
$HOME/.config/
By setting this variable, you can change the location where GNUnet stores
its internal data.
gnunet.conf
accepts the variable
GNUNET_TMP
which we suggest using in place of the absolute definition of
/tmp
So instead of
/tmp/foo
you would write
$GNUNET_TMP/foo
The usage of
$GNUNET_TMP/foo
will result in
$TMPDIR/gnunet/foo
or
$TMP/gnunet/foo
and finally, if
TMPDIR
is undefined,
/tmp/gnunet/foo
The following options are generic and shared by all services:
- HOSTNAME
-
The hostname specifies the machine on which the service is running.
This is usually "localhost".
- BINARY
-
The filename that implements the service.
For example "gnunet-service-ats".
- IMMEDIATE_START
-
Always start the service when the peer starts.
Set to YES for services that should always be launched, even if no other
service explicitly needs them.
- START_ON_DEMAND
-
Set to YES to automatically start the service when it is requested by another
service.
YES for most GNUnet services.
- NOARMBIND
-
Set to YES to never have ARM bind to the respective socket.
This option is mostly for debugging in situations where ARM cannot pass the
pre-bound socket to the child due to interference from PREFIX-commands.
This option is only effective in combination with IMMEDIATE_START being YES.
NO by default.
- PREFIX
-
PREFIX the given command (with its arguments) to the actual BINARY
to be executed.
Useful to run certain services under special supervisors like strace,
dtrace, or valgrind.
Typically used in combination with IMMEDIATE_START and NOARMBIND.
Empty by default.
- ACCEPT_FROM
-
A semicolon-separated list of IPv4 addresses that are allowed to use
the service; usually 127.0.0.1.
- ACCEPT_FROM6
-
A semicolon-separated list of IPv6 addresses that are allowed to use
the service; usually ::1.
- UNIXPATH
-
Path to use for the UNIX domain socket for inter process communication with
the service on POSIX systems.
- UNIX_MATCH_UID
-
If UNIX domain sockets are used, set this to YES if only users with the
same UID are allowed to access the service.
- UNIX_MATCH_GID
-
If UNIX domain sockets are used, set this to YES if only users with the
same GID are allowed to access the service.
- RUN_PER_USER
-
End-users should never have to change the defaults GNUnet provides for
this option.
- YES
-
Set to YES if this service should be run per-user.
- NO
-
Set to NO if this is a system service.
In the following sections the absence of a default value is either
expressed as "Default value:" followed by nothing, or the lack of this line.
ARM
- PORT
-
Default value: 2087
- HOSTNAME
-
Default value: localhost
- BINARY
-
Default value: gnunet-service-arm
- ACCEPT_FROM
-
Default value: 127.0.0.1;
- ACCEPT_FROM6
-
Default value: ::1;
- UNIXPATH
-
Special case, uses user runtime dir even for per-system service.
Default value: $GNUNET_USER_RUNTIME_DIR/gnunet-service-arm.sock
- UNIX_MATCH_UID
-
Default value: YES
- UNIX_MATCH_GID
-
Default value: YES
- GLOBAL_POSTFIX
-
In the
-l
option, format characters from
strftime(3)
are allowed. In GLOBAL_POSTFIX, "{}" stands for the name of the
respective service.
Thus the following example for this option would introduce per-service logging
with a new log file each day.
Note that only the last 3 log files are preserved.
Example:
-l $GNUNET_CACHE_HOME/{}-%Y-%m-%d.log
Default value:
- GLOBAL_PREFIX
-
Default value:
- START_SYSTEM_SERVICES
-
If set to YES, ARM will only start services that are marked as system-level
services (and we'll expect a second ARM to be run per-user to run
user-level services).
Note that in this case you must have manually created a different configuration
file with the user where at least this and the START_USER_SERVICES
options differ.
- START_USER_SERVICES
-
If set to YES, ARM will only start services that are marked as per-user
services (and we'll expect a system user to run ARM to provide system-level
services).
Per-user services enable better personalization and privilege separation and
in particular ensure that personal data is stored under $HOME, which might be
important in a multi-user system (or if $HOME is encrypted and
/var/
is not).
Note that if you have different ARM services for SYSTEM and USER, and you are
not on UNIX, you need to change the PORT option for the USER ARM instances to
some free port (counting down from 2085 should provide free ports).
- RESOURCE_DIAGNOSTICS
-
File where we should log per-service resource consumption on exit.
Default value: resource.log
- USERNAME
-
Name of the user that will be used to provide the service.
Default value:
- MAXBUF
-
Default value:
- TIMEOUT
-
Default value:
- DISABLEV6
-
Default value:
- BINDTO
-
Default value:
- REJECT_FROM
-
Default value:
- REJECT_FROM6
-
Default value:
- PREFIX
-
Default value:
ATS
- PORT
-
Default value: 2098
- HOSTNAME
-
Default value: localhost
- BINARY
-
Default value: gnunet-service-ats
- ACCEPT_FROM
-
Default value: 127.0.0.1;
- ACCEPT_FROM6
-
Default value: ::1;
- UNIXPATH
-
Default value: $GNUNET_RUNTIME_DIR/gnunet-service-ats.sock
- UNIX_MATCH_UID
-
Default value: NO
- UNIX_MATCH_GID
-
Default value: YES
- MODE
-
Designated assignment mode.
Possible values: PROPORTIONAL, MLP, RIL.
Default value: proportional
- UNSPECIFIED_QUOTA_IN
-
Quota in KiB or MiB per second.
Or use the word "unlimited".
Default value: 64 KiB
- UNSPECIFIED_QUOTA_OUT
-
Quota in KiB or MiB per second.
Or use the word "unlimited".
Default value: 64 KiB
- LOOPBACK_QUOTA_IN
-
Quota in KiB or MiB per second.
Or use the word "unlimited".
Default value: unlimited
- LOOPBACK_QUOTA_OUT
-
Quota in KiB or MiB per second.
Or use the word "unlimited".
Default value: unlimited
- LAN_QUOTA_IN
-
Quota in KiB or MiB per second.
Or use the word "unlimited".
Default value: unlimited
- LAN_QUOTA_OUT
-
Quota in KiB or MiB per second.
Or use the word "unlimited".
Default value: unlimited
- WAN_QUOTA_IN
-
Quota in KiB or MiB per second.
Or use the word "unlimited".
Default value: 64 KiB
- WAN_QUOTA_OUT
-
Quota in KiB or MiB per second.
Or use the word "unlimited".
Default value: 64 KiB
- WLAN_QUOTA_IN
-
Quota in KiB or MiB per second.
Or use the word "unlimited".
Default value: 1 MiB
- WLAN_QUOTA_OUT
-
Quota in KiB or MiB per second.
Or use the word "unlimited".
Default value: 1 MiB
- BLUETOOTH_QUOTA_IN
-
Default value: 128 KiB
- BLUETOOTH_QUOTA_OUT
-
Default value: 128 KiB
- PROP_PROPORTIONALITY_FACTOR
-
How proportional to preferences is bandwidth distribution in a network?
Default value: 2.00
- 1.0
-
Fair with respect to addresses without preferences.
- > 1.0
-
The bigger, the more respect is paid to preferences.
- PROP_STABILITY_FACTOR
-
Should we stick to existing connections or prefer to switch?
[1.0...2.0], lower value prefers to switch, bigger value is more tolerant.
Default value: 1.25
- MLP_MAX_DURATION
-
Maximum duration for a solution process (both LP and MILP).
Default value: 3 s
- MLP_MAX_ITERATIONS
-
Maximum number of iterations for a solution process (only LP).
Tolerated MIP Gap [0.0 .. 1.0].
Default value: 0.025
- MLP_MAX_MIP_GAP
-
Tolerated LP/MIP Gap [0.0 .. 1.0].
Default value: 0.025
- MLP_MAX_LP_MIP_GAP
-
Default value: 0.025
- MLP_MAX_ITERATIONS
-
Maximum number of iterations for a solution process.
Default value: 1024
- MLP_COEFFICIENT_D
-
Default value: 1.0
- MLP_COEFFICIENT_U
-
Default value: 1.0
- MLP_COEFFICIENT_R
-
Default value: 1.0
- MLP_MIN_BANDWIDTH
-
Default value: 1024
- MLP_MIN_CONNECTIONS
-
Default value: 4
- MLP_DUMP_PROBLEM_ALL
-
Dump all problems to disk.
Default value: YES
- MLP_DUMP_SOLUTION_ALL
-
Dump all solutions to disk.
Default value: YES
- MLP_GLPK_VERBOSE
-
Print GLPK output.
Default value: YES
- MLP_DUMP_PROBLEM_ON_FAIL
-
Dump all problems to disk.
Default value: YES
- MLP_DUMP_SOLUTION_ON_FAIL
-
Dump all solutions to disk.
Default value: YES
- RIL_STEP_TIME_MIN
-
Default value: 500 ms
- RIL_STEP_TIME_MAX
-
Default value: 1000 ms
- RIL_ALGORITHM
-
Possible values: SARSA or Q-LEARNING.
Default value: Q-LEARNING
- RIL_DISCOUNT_BETA
-
Default value: 0.7
- RIL_GRADIENT_STEP_SIZE
-
Default value: 0.3
- RIL_TRACE_DECAY
-
Default value: 0.2
- RIL_EXPLORE_RATIO
-
Default value: 0.1
- RIL_GLOBAL_REWARD_SHARE
-
Default value: 1
AUCTION
CADET
- IMMEDIATE_START
-
Default value: YES
- START_ON_DEMAND
-
Default value: YES
- PORT
-
Default value: 2096
- HOSTNAME
-
Default value: localhost
- BINARY
-
Default value: gnunet-service-cadet
- PREFIX
-
- ACCEPT_FROM
-
Default value: 127.0.0.1;
- ACCEPT_FROM6
-
Default value: ::1;
- UNIXPATH
-
Default value: $GNUNET_RUNTIME_DIR/gnunet-service-cadet.sock
- UNIX_MATCH_UID
-
Default value: NO
- UNIX_MATCH_GID
-
Default value: YES
- REFRESH_CONNECTION_TIME
-
How often do we send KEEPALIVE messages on connections to keep them from
timing out?
Default value: 5 min
- DROP_PERCENT
-
Percentage of packets CADET is artificially dropping.
Used for testing only!
- ID_ANNOUNCE_TIME
-
How frequently do we usually announce our presence in the DHT?
Default value: 1 h
- CONNECT_TIMEOUT
-
Default value: 30 s
- DHT_REPLICATION_LEVEL
-
What is the replication level we give to the DHT when announcing our existence?
Usually there is no need to change this.
Default value: 3
- MAX_TUNNELS
-
Not implemented
Default value: 1000
- MAX_CONNECTIONS
-
Not implemented, replaced by MAX_ROUTES in NEW CADET!
Default value: 1000
- MAX_ROUTES
-
How many routes do we participate in at most?
Should be smaller than MAX_MSGS_QUEUE.
Default value: 5000
- MAX_MSGS_QUEUE
-
Not implemented
Default value: 10000
- MAX_PEERS
-
Not implemented
Default value: 1000
- RATCHET_TIME
-
How often do we advance the ratchet even if there is not any traffic?
Default value: 1 h
- RATCHET_MESSAGES
-
How often do we advance the ratchet if there is traffic?
Default value: 64
COMMUNICATOR-UNIX
- UNIXPATH
-
Default value: $GNUNET_RUNTIME_DIR/gnunet-communicator-unix.sock
CONSENSUS
- START_ON_DEMAND
-
Default value: YES
- PORT
-
Default value: 2103
- HOSTNAME
-
Default value: localhost
- BINARY
-
Default value: gnunet-service-consensus
- ACCEPT_FROM
-
Default value: 127.0.0.1;
- ACCEPT_FROM6
-
Default value: ::1;
- UNIXPATH
-
Default value: $GNUNET_RUNTIME_DIR/gnunet-service-consensus.sock
- UNIX_MATCH_UID
-
Default value: YES
- UNIX_MATCH_GID
-
Default value: YES
CORE
- START_ON_DEMAND
-
Default value: YES
- PORT
-
Default value: 2092
- HOSTNAME
-
Default value: localhost
- BINARY
-
Default value: gnunet-service-core
- ACCEPT_FROM
-
Default value: 127.0.0.1;
- ACCEPT_FROM6
-
Default value: ::1;
- UNIXPATH
-
Default value: $GNUNET_RUNTIME_DIR/gnunet-service-core.sock
- UNIX_MATCH_UID
-
Default value: NO
- UNIX_MATCH_GID
-
Default value: YES
- DISABLE_SOCKET_FORWARDING
-
Default value: NO
- USERNAME
-
- MAXBUF
-
- TIMEOUT
-
- DISABLEV6
-
- BINDTO
-
- REJECT_FROM
-
- REJECT_FROM6
-
- PREFIX
-
- USE_EPHEMERAL_KEYS
-
Default value: YES
This MUST be set to YES in production, only set to NO for testing for
performance (testbed/cluster-scale use!).
DATACACHE-POSTGRES
- CONFIG
-
Default value: postgres:///gnunet
DATASTORE
- START_ON_DEMAND
-
Default value: YES
- UNIXPATH
-
Default value: $GNUNET_RUNTIME_DIR/gnunet-service-datastore.sock
- UNIX_MATCH_UID
-
Default value: NO
- UNIX_MATCH_GID
-
Default value: YES
- PORT
-
Default value: 2093
- HOSTNAME
-
Default value: localhost
- BINARY
-
Default value: gnunet-service-datastore
- ACCEPT_FROM
-
Default value: 127.0.0.1;
- ACCEPT_FROM6
-
Default value: ::1;
- QUOTA
-
Default value: 5 GB
- BLOOMFILTER
-
Default value: $GNUNET_DATA_HOME/datastore/bloomfilter
- DATABASE
-
Default value: sqlite
- DISABLE_SOCKET_FORWARDING
-
Default value: NO
DATASTORE-SQLITE
- FILENAME
-
Default value: $GNUNET_DATA_HOME/datastore/sqlite.db
DATASTORE-POSTGRES
- CONFIG
-
Default value: postgres:///gnunet
DATASTORE-MYSQL
- DATABASE
-
Default value: gnunet
- CONFIG
-
Default value: ~/.my.cnf
- USER
-
Default value: gnunet
- PASSWORD
-
- HOST
-
Default value: localhost
- PORT
-
Default value: 3306
DATASTORE-HEAP
- HASHMAPSIZE
-
Default value: 1024
DHT
- IMMEDIATE_START boolean
-
Default value: YES
- START_ON_DEMAND boolean
-
Default value: YES
- PORT integer
-
Default value: 2095
- HOSTNAME string
-
Default value: localhost
- BINARY string
-
Default value: gnunet-service-dht
- ACCEPT_FROM string
-
Default value: 127.0.0.1;
- ACCEPT_FROM6 string
-
Default value: ::1;
- BUCKET_SIZE integer
-
Default value: 4
- UNIXPATH path
-
Default value: $GNUNET_RUNTIME_DIR/gnunet-service-dht.sock
- UNIX_MATCH_UID boolean
-
Default value: NO
- UNIX_MATCH_GID boolean
-
Default value: YES
- DISABLE_SOCKET_FORWARDING boolean
-
Default value: NO
- USERNAME
-
- MAXBUF
-
- TIMEOUT
-
- DISABLEV6
-
- BINDTO
-
- REJECT_FROM
-
- REJECT_FROM6
-
- PREFIX
-
- CACHE_RESULTS
-
Should the DHT cache results that we are routing in the DATACACHE as well?
Default value: YES
- DISABLE_TRY_CONNECT
-
Special option to disable DHT calling 'try_connect' (for testing).
Default value: NO
DHTCACHE
- DATABASE
-
Default value: heap
- QUOTA
-
Default value: 50 MB
- DISABLE_BF_RC boolean
-
Disable RC-file for Bloom filter?
(for benchmarking with limited IO availability)
Default value: NO
EXIT
FS
GNS
HOSTLIST
IDENTITY
NAMECACHE
NAMESTORE
NAT-AUTO
NAT
NSE
PEERINFO
PEERSTORE
PT
REGEX
RESOLVER
REST
- UNIXPATH
-
Default value: $GNUNET_USER_RUNTIME_DIR/gnunet-service-rest.sock
- BINARY
-
Default value: gnunet-rest-server
- BIND_TO
-
Default value: 127.0.0.1
- BIND_TO6
-
Default value: ::1
- REST_PORT
-
Default value: 7776
- REST_ALLOW_HEADERS
-
Default value: Authorization,Accept,Content-Type
- REST_ALLOW_ORIGIN
-
Default value: *
- REST_ALLOW_CREDENTIALS
-
Default value: true
REVOCATION
SCALARPRODUCT
SECRETSHARING
SET
STATISTICS
TEMPLATE
TESTBED-LOGGER
TESTBED
TESTING
TOPOLOGY
- IMMEDIATE_START
-
Default value: YES
- NOARMBIND
-
Default value: YES
- MINIMUM-FRIENDS
-
Default value: 0
- FRIENDS-ONLY
-
Default value: NO
- TARGET-CONNECTION-COUNT
-
Default value: 16
- FRIENDS
-
Default value: $GNUNET_CONFIG_HOME/topology/friends.txt
- BINARY
-
Default value: gnunet-daemon-topology
TRANSPORT
UTIL
VPN
- START_ON_DEMAND
-
Default value: YES
- PORT
-
Default value: 2105
- HOSTNAME
-
Default value: localhost
- BINARY
-
Default value: gnunet-service-vpn
- ACCEPT_FROM
-
Default value: 127.0.0.1;
- ACCEPT_FROM6
-
Default value: ::1;
- UNIXPATH
-
Default value: $GNUNET_RUNTIME_DIR/gnunet-service-vpn.sock
- UNIX_MATCH_UID
-
Default value: NO
- UNIX_MATCH_GID
-
Default value: YES
- IPV6ADDR
-
Default value: 1234::1
- IPV6PREFIX
-
Default value: 32
- IPV4ADDR
-
Default value: 10.11.10.1
- IPV4MASK
-
Default value: 255.255.0.0
- VIRTDNS
-
Default value: 10.11.10.2
- VIRTDNS6
-
Default value: 1234::17
- IFNAME
-
Default value: vpn-gnunet
ZONEMASTER
- START_ON_DEMAND
-
Default value: YES
- IMMEDIATE_START
-
Default value: YES
- HOSTNAME
-
Default value: localhost
- BINARY
-
Default value: gnunet-service-zonemaster
- UNIXPATH
-
Default value: $GNUNET_USER_RUNTIME_DIR/gnunet-service-zonemaster.sock
- PORT
-
Default value: 2123
- UNIX_MATCH_UID
-
Do we require users that want to access GNS to run this process (usually
not a good idea)?
Default value: NO
- UNIX_MATCH_GID
-
Do we require users that want to access GNS to be in the 'gnunet' group?
Default value: NO
- MAX_PARALLEL_BACKGROUND_QUERIES
-
How many queries is GNS allowed to perform in the background at the same time?
Default value: 1000
- ZONE_PUBLISH_TIME_WINDOW
-
How frequently do we try to publish our full zone?
Default value: 4 h
- USE_CACHE
-
Use caching or always ask the DHT?
Default value: YES
- PREFIX
-
ZONEMASTER-MONITOR
- START_ON_DEMAND
-
Default value: YES
- IMMEDIATE_START
-
Default value: YES
- HOSTNAME
-
Default value: localhost
- BINARY
-
Default value: gnunet-service-zonemaster-monitor
- UNIXPATH
-
Default value: $GNUNET_USER_RUNTIME_DIR/gnunet-service-zonemaster-monitor.sock
- PORT
-
Default value: 2124
- UNIX_MATCH_UID
-
Do we require users that want to access GNS to run this process (usually not
a good idea)?
Default value: NO
- UNIX_MATCH_GID
-
Do we require users that want to access GNS to be in the 'gnunet' group?
Default value: NO
EXAMPLES
This example is a simple way to get started, using a server that has a known
list of peers to get you started.
Most users will be behind a firewall on IPv4; as such, NAT is enabled.
Please remember to change your IP address to the actual external address
for your usage.
[hostlist]
OPTIONS = -b -e
[nat]
BEHIND_NAT = YES
ENABLE_UPNP = YES
DISABLEV6 = YES
EXTERNAL_ADDRESS = 157.166.249.10
[arm]
START_SYSTEM_SERVICES = YES
START_USER_SERVICES = NO
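The file format and the access-related options described on this page (ACCEPT_FROM, ACCEPT_FROM6, UNIX_MATCH_UID, UNIX_MATCH_GID, USE_EPHEMERAL_KEYS, DROP_PERCENT) can be checked mechanically before a peer is started. The following Python code is an added example, not part of GNUnet or of the original manual page; the function names and the sample configuration are constructed for illustration, and folding section and option names to one case is a choice of this example.

```python
import ipaddress

SAMPLE = """\
# constructed sample, not from a real deployment
[core]
USE_EPHEMERAL_KEYS = NO
ACCEPT_FROM = 127.0.0.1;
[cadet]
DROP_PERCENT=5
UNIX_MATCH_UID = NO
UNIX_MATCH_GID = NO

[dht]
ACCEPT_FROM = 127.0.0.1; 192.0.2.10;
ACCEPT_FROM6 = ::1;
"""

def parse_gnunet_conf(text):
    """Parse [section] headers and OPTION=VALUE lines; skip blanks and '#'."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()  # case folding: example's choice
            conf.setdefault(section, {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)  # whitespace around "=" is dropped
            conf[section][key.strip().upper()] = value.strip()
    return conf

def only_loopback(value):
    """True if every entry of a semicolon-separated list is a loopback address."""
    for entry in filter(None, (e.strip() for e in value.split(";"))):
        try:
            if not ipaddress.ip_network(entry, strict=False).is_loopback:
                return False
        except ValueError:
            return False  # unparseable entries are reported, not trusted
    return True

def audit(conf):
    """Return (section, option, reason) for settings this page cautions about."""
    findings = []
    for sec, opts in conf.items():
        for key in ("ACCEPT_FROM", "ACCEPT_FROM6"):
            if key in opts and not only_loopback(opts[key]):
                findings.append((sec, key, "clients beyond loopback are accepted"))
        if {opts.get("UNIX_MATCH_UID"), opts.get("UNIX_MATCH_GID")} == {"NO"}:
            findings.append((sec, "UNIX_MATCH_UID", "socket not limited by UID or GID"))
    if conf.get("core", {}).get("USE_EPHEMERAL_KEYS") == "NO":
        findings.append(("core", "USE_EPHEMERAL_KEYS", "must be YES in production"))
    if conf.get("cadet", {}).get("DROP_PERCENT", "0") not in ("", "0"):
        findings.append(("cadet", "DROP_PERCENT", "testing-only packet drop is set"))
    return findings

if __name__ == "__main__":
    print(*audit(parse_gnunet_conf(SAMPLE)), sep="\n")
```

The audit only sees options that are set explicitly in the file it is given; values inherited from the defaults in $GNUNET_PREFIX/share/gnunet/config.d/ have to be parsed and merged first if they are to be covered.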
FILES
~gnunet/.config/gnunet.conf
GNUnet system-user configuration file
$HOME/.config/gnunet.conf
User specific GNUnet configuration file
/usr/local/etc/gnunet.conf
Systemwide GNUnet configuration file
$GNUNET_PREFIX/share/gnunet/config.d/
GNUnet configuration directory with all default option values
SEE ALSO
env(1),
gnunet-arm(1),
gnunet-setup(1),
strftime(3).
The full documentation for gnunet is maintained as a Texinfo manual.
If the
info(1)
and gnunet programs are properly installed at your site, the command
info gnunet
should give you access to the complete handbook,
info gnunet-c-tutorial
will give you access to a tutorial for developers.
Depending on your installation, this information is also available in
gnunet(7) and
gnunet-c-tutorial(7).
BUGS
Report bugs by using
https://bugs.gnunet.org
or by sending electronic mail to
<gnunet-developers@gnu.org>.