1 .\" -*- mode: nroff -*-
2 .\" This file is part of GNUnet.
3 .\" Copyright (C) 2012-2015,2018,2019 GNUnet e.V.
5 .\" Permission is granted to copy, distribute and/or modify this document
6 .\" under the terms of the GNU Free Documentation License, Version 1.3 or
7 .\" any later version published by the Free Software Foundation; with no
8 .\" Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A
9 .\" copy of the license is included in the file
12 .\" A copy of the license is also available from the Free Software
13 .\" Foundation Web site at http://www.gnu.org/licenses/fdl.html.
15 .\" Alternately, this document is also available under the General
16 .\" Public License, version 3 or later, as published by the Free Software
17 .\" Foundation. A copy of the license is included in the file
20 .\" A copy of the license is also available from the Free Software
21 .\" Foundation Web site at http://www.gnu.org/licenses/gpl.html.
23 .\" SPDX-License-Identifier: GPL3.0-or-later OR FDL1.3-or-later
30 .Nd GNUnet configuration file
32 A GNUnet setup typically consists of a set of service processes run by a
33 user "gnunet" and a set of user-interface processes run by a standard account.
34 The default location for the configuration file for the services is
35 .Pa ~gnunet/.config/gnunet.conf Ns .
36 However, as normal users also may need read-access to this configuration,
37 you might want to instead put the service process configuration in
38 .Pa @SYSCONFDIR@/gnunet.conf Ns .
40 part of gnunet-gtk, can be used to edit this configuration.
41 The parts of GNUnet that are run as a normal user may have config
42 options too and they read from
43 .Pa $HOME/.config/gnunet.conf Ns .
44 The latter config file can skip any options for the services.
46 The basic structure of the configuration file is the following.
47 .Bl -bullet -offset indent -compact
49 The file is split into sections.
51 Every section begins with a token in square brakets.
52 The current section ends when a new section starts or end of file is
55 A section contains a number of options of the form "OPTION=VALUE".
57 Whitespace surounding the "=" token is striped out, in other words
58 "OPTION = VALUE" and "OPTION=VALUE" are treated equal.
60 Empty lines and lines beginning with a "#" are treated as comments.
62 Boolean values are given as "YES" and "NO".
65 Almost all options are optional.
66 The tools resort to reasonable defaults if an option is not present.
67 Default values for all of the options can be found in the files in the
68 .Pa $GNUNET_PREFIX/share/gnunet/config.d/
70 A typical setup will work out of the box with those.
71 See the examples section below for some common setups on top of that.
72 .Ss Variable naming conventions and data types
73 Boolean values for options are set via "YES" or "NO" values, without the
76 Options which include "PATH" or "path" define a path on the file-system
77 and can take additional variables in the path, such as
80 Section names as listed more in detail below, are small letters only
81 enclosed by square brakets.
83 Many options will be common between sections.
84 They can be repeated under each section with different values.
85 The "[PATHS]" section is special.
86 Here, it is possible to specify values for variables like "GNUNET_HOME".
87 Then, in all filenames that begin with "$GNUNET_HOME" the "$GNUNET_HOME" will
88 be replaced with the respective value at runtime.
89 The main use of this is to redefine "$GNUNET_HOME", which by default points to
90 .Pa $HOME/.config/ Ns .
91 By setting this variable, you can change the location where GNUnet stores
96 which we suggest to use in place of the absolute definition of
101 .Pa $GNUNET_TMP/foo .
103 .Pa $GNUNET_TMP/foo ,
105 .Pa $TMPDIR/gnunet/foo ,
111 .Pa /tmp/gnunet/foo .
112 The following options are generic and shared by all services:
113 .Bl -tag -width indent
115 The hostname specifies the machine on which the service is running.
116 This is usually "localhost".
118 The filename that implements the service.
119 For example "gnunet-service-ats".
121 Start the service always when the peer starts.
122 Set to YES for services that should always be launched, even if no other
123 service explicitly needs them.
125 Set to YES to automatically start the service when it is requested by another
127 YES for most GNUnet services.
129 Set to YES to never have ARM bind to the respective socket.
130 This option is mostly for debugging in situations where ARM cannot pass the
131 pre-bound socket to the child due to interference from PREFIX-commands.
132 This option is only effective in combination with IMMEDIATE_START being YES.
135 PREFIX the given command (with its arguments) to the actual BINARY
137 Useful to run certain services under special supervisors like strace,
139 Typically used in combination with IMMEDIATE_START and NOARMBIND.
142 A semi-column separated list of IPv4 addresses that are allowed to use
143 the service; usually 127.0.0.1.
145 A semi-column separated list of IPv6 addresses that are allowed to use
146 the service; usually ::1.
148 Path to use for the UNIX domain socket for inter process communication with
149 the service on POSIX systems.
151 If UNIX domain sockets are used, set this to YES if only users with the
152 same UID are allowed to access the service.
154 If UNIX domain sockets are used, set this to YES if only users with the
155 same GID are allowed to access the service.
157 End-users should never have to change the defaults GNUnet provides for
159 .Bl -tag -width indent
161 Set to YES if this service should be run per-user.
163 Set to NO if this is a system service.
166 In the following sections the absence of a default value is either
167 expressed as "Default value:" followed by nothing, or the lack of this line.
169 .Bl -tag -width indent
173 Default value: localhost
175 Default value: gnunet-service-arm
177 Default value: 127.0.0.1;
181 Special case, uses user runtime dir even for per-system service.
183 Default value: $GNUNET_USER_RUNTIME_DIR/gnunet-service-arm.sock
191 option, format characters from
193 are allowed; In the GLOBAL_POSTFIX, "{}" stands for the name of the
195 Thus the following example for this option would introduce per-service logging
196 with a new log file each day.
197 Note that only the last 3 log files are preserved.
201 -l $GNUNET_CACHE_HOME/{}-%Y-%m-%d.log
207 .It START_SYSTEM_SERVICES
208 If set to YES, ARM will only start services that are marked as system-level
209 services (and we'll expect a second ARM to be run per-user to run
210 user-level services).
211 Note that in this case you must have manually created a different configuration
212 file with the user where at least this and the START_USER_SERVICES
214 .It START_USER_SERVICES
215 If set to YES, ARM will only start services that are marked as per-user
216 services (and we'll expect a system user to run ARM to provide system-level
218 Per-user services enable better personalization and priviledge separation and
219 in particular ensures that personal data is stored under $HOME, which might be
220 important in a multi-user system (or if $HOME is encrypted and
224 Note that if you have different ARM services for SYSTEM and USER, and you are
225 not on UNIX, you need to change the PORT option for the USER ARM instances to
226 some free port (counting down from 2085 should provide free ports).
227 .It RESOURCE_DIAGNOSTICS
228 File where we should log per-service resource consumption on exit.
230 Default value: resource.log
232 Name of the user that will be used to provide the service.
251 .Bl -tag -width indent
255 Default value: localhost
257 Default value: gnunet-service-ats
259 Default value: 127.0.0.1;
263 Default value: $GNUNET_RUNTIME_DIR/gnunet-service-ats.sock
269 Designated assignment mode.
270 Possible values: PROPORTIONAL, MLP, RIL.
272 Default value: proportional
273 .It UNSPECIFIED_QUOTA_IN
274 quotes in KiB or MiB per seconds.
275 Or use the word "unlimited".
276 Default value: 64 KiB
277 .It UNSPECIFIED_QUOTA_OUT
278 quotes in KiB or MiB per seconds.
279 Or use the word "unlimited".
280 Default value: 64 KiB
281 .It LOOPBACK_QUOTA_IN
282 quotes in KiB or MiB per seconds.
283 Or use the word "unlimited".
284 Default value: unlimited
285 .It LOOPBACK_QUOTA_OUT
286 quotes in KiB or MiB per seconds.
287 Or use the word "unlimited".
288 Default value: unlimited
290 quotes in KiB or MiB per seconds.
291 Or use the word "unlimited".
292 Default value: unlimited
294 quotes in KiB or MiB per seconds.
295 Or use the word "unlimited".
296 Default value: unlimited
298 quotes in KiB or MiB per seconds.
299 Or use the word "unlimited".
300 Default value: 64 KiB
302 quotes in KiB or MiB per seconds.
303 Or use the word "unlimited".
304 Default value: 64 KiB
306 quotes in KiB or MiB per seconds.
307 Or use the word "unlimited".
310 quotes in KiB or MiB per seconds.
311 Or use the word "unlimited".
313 .It BLUETOOTH_QUOTA_IN
314 Default value: 128 KiB
315 .It BLUETOOTH_QUOTA_OUT
316 Default value: 128 KiB
317 .It PROP_PROPORTIONALITY_FACTOR
318 How proportional to preferences is bandwidth distribution in a network?
320 .Bl -tag -width indent
322 Fair with respect to addresses without preferences.
324 The bigger, the more respect is payed to preferences.
326 .It PROP_STABILITY_FACTOR
327 Should we stick to existing connections are prefer to switch?
328 [1.0...2.0], lower value prefers to switch, bigger value is more tolerant.
332 Maximum duration for a solution process (both LP and MILP).
334 .It MLP_MAX_ITERATIONS
335 Maximum numbero of iterations for a solution process (only LP).
336 Tolerated MIP Gap [0.0 .. 1.0].
340 Tolerated LP/MIP Gap [0.0 .. 1.0].
343 .It MLP_MAX_LP_MIP_GAP
345 .It MLP_MAX_ITERATIONS
346 Maximum number of iterations for a solution process.
349 .It MLP_COEFFICIENT_D
351 .It MLP_COEFFICIENT_U
353 .It MLP_COEFFICIENT_R
355 .It MLP_MIN_BANDWIDTH
357 .It MLP_MIN_CONNECTIONS
359 .It MLP_DUMP_PROBLEM_ALL
360 Dump all problems to disk.
363 .It MLP_DUMP_SOLUTION_ALL
364 Dump all solution to disk.
371 .It MLP_DUMP_PROBLEM_ON_FAIL
372 Dump all problems to disk.
375 .It MLP_DUMP_SOLUTION_ON_FAIL
376 Dump all solution to disk.
379 .It RIL_STEP_TIME_MIN
380 Default value: 500 ms
381 .It RIL_STEP_TIME_MAX
382 Default value: 1000 ms
384 Possible values: SARSA or Q-LEARNING.
386 Default value: Q-LEARNING
387 .It RIL_DISCOUNT_BETA
389 .It RIL_GRADIENT_STEP_SIZE
393 .It RIL_EXPLORE_RATIO
395 .It RIL_GLOBAL_REWARD_SHARE
399 .Bl -tag -width indent
402 .Bl -tag -width indent
410 Default value: localhost
412 Default value: gnunet-service-cadet
415 Default value: 127.0.0.1;
419 Default value: $GNUNET_RUNTIME_DIR/gnunet-service-cadet.sock
424 .It REFRESH_CONNECTION_TIME
425 How often do we send KEEPALIVE messages on connections to keep them from
430 Percentage of packets CADET is artificially dropping.
431 Used for testing only!
433 How frequently do we usually anounce our presence in the DHT?
438 .It DHT_REPLICATION_LEVEL
439 What is the replication level we give to the DHT when announcing our existence?
440 Usually there is no need to change this.
448 Not implemented, replaced by MAX_ROUTES in NEW CADET!
452 How many routes do we participate in at most?
453 Should be smaller than MAX_MSGS_QUEUE.
465 How often do we advance the ratchet even if there is not any traffic?
469 How often do we advance the ratched if there is traffic?
473 .Ss COMMUNICATOR-UNIX
474 .Bl -tag -width indent
476 Default value: $GNUNET_RUNTIME_DIR/gnunet-communicator-unix.sock
479 .Bl -tag -width indent
485 Default value: localhost
487 Default value: gnunet-service-consensus
489 Default value: 127.0.0.1;
493 Default value: $GNUNET_RUNTIME_DIR/gnunet-service-consensus.sock
500 .Bl -tag -width indent
506 Default value: localhost
508 Default value: gnunet-service-core
510 Default value: 127.0.0.1;
514 Default value: $GNUNET_RUNTIME_DIR/gnunet-service-core.sock
519 .It DISABLE_SOCKET_FORWARDING
529 .It USE_EPHEMERAL_KEYS
532 This MUST be set to YES in production, only set to NO for testing for
533 performance (testbed/cluster-scale use!).
535 .Ss DATACACHE-POSTGRES
536 .Bl -tag -width indent
538 Default value: postgres:///gnunet
541 .Bl -tag -width indent
545 Default value: $GNUNET_RUNTIME_DIR/gnunet-service-datastore.sock
553 Default value: localhost
555 Default value: gnunet-service-datastore
557 Default value: 127.0.0.1;
563 Default value: $GNUNET_DATA_HOME/datastore/bloomfilter
565 Default value: sqlite
566 .It DISABLE_SOCKET_FORWARDING
570 .Bl -tag -width indent
572 Default value: $GNUNET_DATA_HOME/datastore/sqlite.db
574 .Ss DATASTORE-POSTGRES
575 .Bl -tag -width indent
577 Default value: postgres:///gnunet
580 .Bl -tag -width indent
582 Default value: gnunet
584 Default value: ~/.my.cnf
586 Default value: gnunet
589 Default value: localhost
594 .Bl -tag -width indent
599 .Bl -tag -width indent
600 .It IMMEDIATE_START Ar boolean
602 .It START_ON_DEMAND Ar boolean
606 .It HOSTNAME Ar string
607 Default value: localhost
609 Default value: gnunet-service-dht
610 .It ACCEPT_FROM Ar string
611 Default value: 127.0.0.1;
612 .It ACCEPT_FROM6 Ar string
614 .It BUCKET_SIZE Ar integer
617 Default value: $GNUNET_RUNTIME_DIR/gnunet-service-dht.sock
618 .It UNIX_MATCH_UID Ar boolean
620 .It UNIX_MATCH_GID Ar boolean
622 .It DISABLE_SOCKET_FORWARDING Ar boolean
633 # Should the DHT cache results that we are routing in the DATACACHE as well?
636 # Special option to disable DHT calling 'try_connect' (for testing)
637 DISABLE_TRY_CONNECT = NO
640 .Bl -tag -width indent
645 .It DISABLE_BF_RC Ar boolean
646 Disable RC-file for Bloom filter?
647 (for benchmarking with limited IO availability)
651 .Bl -tag -width indent
654 .Bl -tag -width indent
657 .Bl -tag -width indent
660 .Bl -tag -width indent
663 .Bl -tag -width indent
666 .Bl -tag -width indent
669 .Bl -tag -width indent
672 .Bl -tag -width indent
675 .Bl -tag -width indent
678 .Bl -tag -width indent
681 .Bl -tag -width indent
684 .Bl -tag -width indent
687 .Bl -tag -width indent
690 .Bl -tag -width indent
693 .Bl -tag -width indent
696 .Bl -tag -width indent
698 Default value: $GNUNET_USER_RUNTIME_DIR/gnunet-service-rest.sock
700 Default value: gnunet-rest-server
702 Default value: 127.0.0.1
707 .It REST_ALLOW_HEADERS
708 Default value: Authorization,Accept,Content-Type
709 .It REST_ALLOW_ORIGIN
711 .It REST_ALLOW_CREDENTIALS
724 .Bl -tag -width indent
733 .It TARGET-CONNECTION-COUNT
736 Default value: $GNUNET_CONFIG_HOME/topology/friends.txt
738 Default value: gnunet-daemon-topology
743 .Bl -tag -width indent
749 Default value: localhost
751 Default value: gnunet-service-vpn
753 Default value: 127.0.0.1;
757 Default value: $GNUNET_RUNTIME_DIR/gnunet-service-vpn.sock
763 Default value: 1234::1
767 Default value: 10.11.10.1
769 Default value: 255.255.0.0
771 Default value: 10.11.10.2
773 Default value: 1234::17
775 Default value: vpn-gnunet
778 .Bl -tag -width indent
784 Default value: localhost
786 Default value: gnunet-service-zonemaster
788 Default value: $GNUNET_USER_RUNTIME_DIR/gnunet-service-zonemaster.sock
792 Do we require users that want to access GNS to run this process (usually
797 Do we require users that want to access GNS to be in the 'gnunet' group?
800 .It MAX_PARALLEL_BACKGROUND_QUERIES
801 How many queries is GNS allowed to perform in the background at the same time?
804 .It ZONE_PUBLISH_TIME_WINDOW
805 How frequently do we try to publish our full zone?
809 Using caching or always ask DHT?
814 .Ss ZONEMASTER-MONITOR
815 .Bl -tag -width indent
821 Default value: localhost
823 Default value: gnunet-service-zonemaster-monitor
825 Default value: $GNUNET_USER_RUNTIME_DIR/gnunet-service-zonemaster-monitor.sock
829 Do we require users that want to access GNS to run this process (usually not
834 Do we require users that want to access GNS to be in the 'gnunet' group?
840 This example is a simple way to get started, using a server that has a known
841 list of peers to get you started.
842 Most users will be behind a firewall on IPv4, as such NAT is enabled.
843 Please remember to change your IP address to the actual external address
845 .Bd -literal -offset indent -compact
853 EXTERNAL_ADDRESS = 157.166.249.10
856 START_SYSTEM_SERVICES = YES
857 START_USER_SERVICES = NO
860 .Pa ~gnunet/.config/gnunet.conf
861 GNUnet system-user configuration file
862 .Pa $HOME/.config/gnunet.conf
863 User specific GNUnet configuration file
864 .Pa @SYSCONFDIR@/gnunet.conf
865 Systemwide GNUnet configuration file
866 .Pa $GNUNET_PREFIX/share/gnunet/config.d/
867 GNUnet configuration directory with all default option values
874 The full documentation for gnunet is maintained as a Texinfo manual.
877 and gnunet programs are properly installed at your site, the command
881 should give you access to the complete handbook,
883 .Dl info gnunet-c-tutorial
885 will give you access to a tutorial for developers.
887 Depending on your installation, this information is also available in
889 .Xr gnunet-c-tutorial 7 .
894 .Lk https://bugs.gnunet.org
895 or by sending electronic mail to
896 .Aq Mt gnunet-developers@gnu.org .