diff --git a/files/yggdrasil/config.conf b/files/yggdrasil/config.conf new file mode 100644 index 0000000..307d70f --- /dev/null +++ b/files/yggdrasil/config.conf @@ -0,0 +1,89 @@ +{ + + # List of connection strings for outbound peer connections in URI format, + # e.g. tcp://a.b.c.d:e or socks://a.b.c.d:e/f.g.h.i:j. These connections + # will obey the operating system routing table, therefore you should + # use this section when you may connect via different interfaces. + + Peers: [ + #TRUSTED PEERS - Waren Group + #aurora.devices.waren.io + #201:361f:bbfb:7210:c5b8:3f74:a285:adb9 + "tls://[2a01:4f9:2a:60c::2]:18836", + "tls://95.216.5.243:18836", + ] + + # List of connection strings for static peers in URI format, arranged + # by source interface, i.e. { "eth0": [ tcp://a.b.c.d:e ] }. Note that + # SOCKS peerings will NOT be affected by this option and should go in + # the "Peers" section instead. + + InterfacePeers: {} + + # Listen addresses for incoming connections. You will need to add + # listeners in order to accept incoming peerings from non-local nodes. + # Multicast peer discovery will work regardless of any listeners set + # here. Each listener should be specified in URI format as above, e.g. + # tls://0.0.0.0:0 or tls://[::]:0 to listen on all interfaces. + + Listen: [ + "tls://[::]:{{ config.yggdrasil.port }}" + ] + + # Listen address for admin connections. Default is to listen for local + # connections either on TCP/9001 or a UNIX socket depending on your + # platform. Use this value for yggdrasilctl -endpoint=X. To disable + # the admin socket, use the value "none" instead. + +{% if hostname == "cloudberry.fr1.servers.devices.cwinfo.net" %} + AdminListen: "tcp://[::]:9001" +{% else %} + AdminListen: unix:///var/run/yggdrasil.sock +{% endif %} + + + # Regular expressions for which interfaces multicast peer discovery + # should be enabled on. If none specified, multicast peer discovery is + # disabled. The default value is .* which uses all interfaces. + + MulticastInterfaces: [] + + # List of peer public keys to allow incoming peering connections + # from. If left empty/undefined then all connections will be allowed + # by default. This does not affect outgoing peerings, nor does it + # affect link-local peers discovered via multicast. + + AllowedPublicKeys: [] + + # Your private signing key. DO NOT share this with anyone! + + PrivateKey: {{ config.yggdrasil['keys']['private'] }} + + # Local network interface name for TUN/TAP adapter, or "auto" to select + # an interface automatically, or "none" to run without TUN/TAP. + + IfName: yggdrasil + + # Maximux Transmission Unit (MTU) size for your local TUN/TAP interface. + # Default is the largest supported size for your platform. The lowest + # possible value is 1280. + + IfMTU: 65535 + + # By default, nodeinfo contains some defaults including the platform, + # architecture and Yggdrasil version. These can help when surveying + # the network and diagnosing network routing problems. Enabling + # nodeinfo privacy prevents this, so that only items specified in + # "NodeInfo" are sent back if specified. + + NodeInfoPrivacy: false + + # Optional node info. This must be a { "key": "value", ... } map + # or set as null. This is entirely optional but, if set, is visible + # to the whole network on request. + + NodeInfo: { + "name": "{{ config.yggdrasil.name }}" + } + +}