X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=doc%2Fserver.texi;h=325d317cb4b435f88398e56d51382166919c008f;hb=f9209136cff0331fc2293f25061971f6c77ff213;hp=a9ce065ddbfeb45ca1afcb5de1241dda3eb148a0;hpb=cac5fb18c373e59885a67592e1c8d08e825e2896;p=govpn.git diff --git a/doc/server.texi b/doc/server.texi index a9ce065..325d317 100644 --- a/doc/server.texi +++ b/doc/server.texi 
@@ -1,82 +1,87 @@ @node Server @section Server part -Except for common @code{-mtu}, @code{-stats}, @code{-egd} options server -has the following ones: +Except for common @ref{Stats, -stats}, @ref{EGD, -egd}, @ref{Syslog, -syslog} +options server has the following ones: -@table @code +@table @option @item -proto -@ref{Network, network protocol} to use. Can be @emph{udp}, +@ref{Network, Network protocol} to use. Can be @emph{udp} (default), @emph{tcp} or @emph{all}. @item -bind Address (@code{host:port} format) we must bind to. -@item -peers -Path to the directory containing peers information, database. +@item -conf +Path to YAML file with the configuration. @item -proxy Start trivial HTTP @ref{Proxy} server on specified @emph{host:port}. @end table -Peers directory must contain subdirectories with the names of client's -identities in hexadecimal notation. Each subdirectory has the following -files: - -@table @code - -@item verifier -@strong{Required}. Contains corresponding verifier used to authenticate -the client in hexadecimal notation. See @ref{Verifier} for how -to create it. - -@item up.sh -@strong{Required}. up-script executes each time connection with the -client is established. It's @emph{stdout} output must contain TAP -interface name on the first string. This script can be simple -@code{echo tap10}, or maybe more advanced like this: - @example - #!/bin/sh - $tap=$(ifconfig tap create) - ifconfig $tap inet6 fc00::1/96 mtu 1412 up - echo $tap - @end example - -@item down.sh -Optional. Same as @code{up.sh} above, but executes when connection is -lost. - -@item name -Optional. Contains human readable username. Used to beauty output of -@ref{Stats}. - -@item timeout -Optional. Contains @ref{Timeout} setting (decimal notation) in seconds. -Otherwise default minute timeout will be used. - -@item noise -Optional. Contains either "1" (enable @ref{Noise} adding), or "0". - -@item cpr -Optional. Contains @ref{CPR} setting (decimal notation) in KiB/sec. 
- -@end table - -Each minute server refreshes peers directory contents and adds newly -appeared identities, deletes an obsolete ones. - -You can use convenient @code{utils/newclient.sh} script for new client +Configuration file is YAML file with following example structure: + +@verbatim +stargrave: <-- Peer human readable name + iface: tap10 <-- OPTIONAL TAP interface name + mtu: 1515 <-- OPTIONAL overriden MTU + up: ./stargrave-up.sh <-- OPTIONAL up-script + down: ./stargrave-down.sh <-- OPTIONAL down-script + timeout: 60 <-- OPTIONAL overriden timeout + timesync: 0 <-- OPTIONAL time synchronization requirement + noise: No <-- OPTIONAL noise enabler + cpr: 64 <-- OPTIONAL constant packet rate, KiB/sec + encless: No <-- OPTIONAL Encryptionless mode + verifier: $baloon... <-- verifier received from client +[...] +@end verbatim + +At least one of either @code{iface} or @code{up} must be specified. If +you specify @code{iface}, then it will be forcefully used to determine +what TAP interface will be used. If it is not specified, then +up-@ref{Scripts, script} must output interface's name to stdout +(first output line). + +For example up-script can be just @code{echo tap10}, or more advanced +like the following one: + +@verbatim +#!/bin/sh +$tap=$(ifconfig tap create) +ifconfig $tap inet6 fc00::1/96 mtu 1412 up +echo $tap +@end verbatim + +Each minute server rereads and refreshes peers configuration and adds +newly appeared identities, deletes an obsolete ones. + +You can use convenient @command{utils/newclient.sh} script for new client creation: -@example +@verbatim % ./utils/newclient.sh Alice -Place verifier to peers/9b40701bdaf522f2b291cb039490312/verifier -@end example - -@code{9b40701bdaf522f2b291cb039490312} is client's identification. 
-@code{peers/9b40701bdaf522f2b291cb039490312/name} contains @emph{Alice}, -@code{peers/9b40701bdaf522f2b291cb039490312/verifier} contains dummy -verifier and @code{peers/9b40701bdaf522f2b291cb039490312/up.sh} contains -currently dummy empty up-script. +[...] +Your client verifier is: $balloon$s=32768,t=16,p=2$bwR5VjeCYIQaa8SeaI3rqg + +Place the following YAML configuration entry on the server's side: + + Alice: + up: /path/to/up.sh + iface: or TAP interface name + verifier: $balloon$s=32768,t=16,p=2$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10 +@end verbatim + +Example configuration file: +@verbatim +stargrave: + iface: tap0 + verifier: $balloon$s=32768,t=16,p=2$VMirzcshcHuG2V4jhUsEjw$X5fC07L8k61h3S1Oro/rC76+m0oGDTA9Bq+aWJ1uOgY +slow: + iface: tap1 + encless: Yes + mtu: 9000 + cpr: 384 + verifier: $balloon$s=32768,t=16,p=2$YbIA5garDqCOhtI/2EZVNg$gOo5vcEGynmpeepNscwclicfZsWxzgYFRLbgG21EZ1U +@end verbatim
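Review bot: The up-script example moved into the new @verbatim block still begins with "$tap=$(ifconfig tap create)", which is not a valid sh assignment. With tap unset, the shell expands that line to "=tapN" and tries to run it as a command, so the interface is created but its name is never stored, and the final "echo $tap" prints an empty line instead of the interface name the server expects on the first line of stdout. Since the example is being rewritten anyway, change it to "tap=$(ifconfig tap create)". In the same hunk, the structure example spells the verifier prefix "$baloon..." while every other verifier in the patch uses "$balloon$", "overriden" should be "overridden" in the mtu and timeout comments, and "deletes an obsolete ones" should read "deletes obsolete ones". The structure example also uses relative paths ("up: ./stargrave-up.sh") while the newclient.sh output uses "/path/to/up.sh"; the text should state what relative script paths are resolved against, or use absolute paths in both places.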