@node Server
+@cindex Server
+@cindex Server part
+@cindex Server configuration
+@cindex Server side
+@cindex govpn-server
@section Server part
-Except for common @code{-mtu}, @code{-stats}, @code{-egd} options server
-has the following ones:
+Except for common @code{-stats}, @code{-egd} options server has the
+following ones:
@table @code
Address (@code{host:port} format) we must bind to.
@item -conf
-Path to JSON file with the configuration.
+Path to YAML file with the configuration.
@item -proxy
Start trivial HTTP @ref{Proxy} server on specified @emph{host:port}.
@end table
-Configuration file is JSON file with following example structure:
+@cindex YAML
+@cindex YAML configuration
+@cindex Configuration file
+Configuration file is YAML file with following example structure:
@verbatim
-{
- "stargrave": { <-- Peer human readable name
- "up": "./stargrave-up.sh", <-- up-script
- "down": "./stargrave-down.sh", <-- OPTIONAL down-script
- "timeout": 60, <-- OPTIONAL overriden timeout
- "noise": true, <-- OPTIONAL noise enabler
- (default: false)
- "cpr": 64, <-- OPTIONAL constant packet
- rate in KiB/sec
- "verifier": "$argon2d..." <-- verifier received from client
- },
- [...]
-}
+stargrave: { <-- Peer human readable name
+ iface: tap10 <-- OPTIONAL TAP interface name
+ mtu: 1514 <-- OPTIONAL overriden MTU
+ up: ./stargrave-up.sh <-- OPTIONAL up-script
+ down: ./stargrave-down.sh <-- OPTIONAL down-script
+ timeout: 60 <-- OPTIONAL overriden timeout
+ noise: No <-- OPTIONAL noise enabler
+ cpr: 64 <-- OPTIONAL constant packet rate, KiB/sec
+ encless: No <-- OPTIONAL Encryptionless mode
+ verifier: $argon2d... <-- verifier received from client
+[...]
@end verbatim
-up-script executes each time connection with the client is established.
-Its @emph{stdout} output must contain TAP interface name as the first
-line. This script can be simple @code{echo tap10}, or maybe more
-advanced like this:
+At least one of either @code{iface} or @code{up} must be specified. If
+you specify @code{iface}, then it will be forcefully used to determine
+what TAP interface will be used. If it is not specified, then up-script
+must output interface's name to stdout (first output line).
+
+For example up-script can be just @code{echo tap10}, or more advanced
+like the following one:
+
+@cindex up-script
+
@example
#!/bin/sh
$tap=$(ifconfig tap create)
[...]
Your client verifier is: $argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg
-Place the following JSON configuration entry on the server's side:
+Place the following YAML configuration entry on the server's side:
- "Alice": {
- "up": "/path/to/up.sh",
- "verifier": "$argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10"
- }
-[...]
+ Alice:
+ up: /path/to/up.sh
+ iface: or TAP interface name
+ verifier: $argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10
+@end verbatim
+
+Example configuration file:
+@verbatim
+stargrave:
+ iface: tap0
+ verifier: $argon2d$m=4096,t=128,p=1$VMirzcshcHuG2V4jhUsEjw$X5fC07L8k61h3S1Oro/rC76+m0oGDTA9Bq+aWJ1uOgY
+slow:
+ iface: tap1
+ encless: Yes
+ mtu: 9000
+ cpr: 384
+ verifier: $argon2d$m=4096,t=128,p=1$YbIA5garDqCOhtI/2EZVNg$gOo5vcEGynmpeepNscwclicfZsWxzgYFRLbgG21EZ1U
@end verbatim