X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=doc%2Fserver.texi;h=63f3239fb994aff3315ba24ec9126ecf1afc876b;hb=4cc7cf27a64355bbe1f64418a55e860baeb63ac0;hp=7541d571c54c05e8dbb0252225c13ce4e7fc9c32;hpb=8d09a156e94b79f55d1ef37d2e6d2572e5bf6e58;p=govpn.git diff --git a/doc/server.texi b/doc/server.texi index 7541d57..63f3239 100644 --- a/doc/server.texi +++ b/doc/server.texi 
@@ -1,48 +1,87 @@ -@node Server part +@node Server @section Server part -Except for common @code{-mtu}, @code{-noncediff}, @code{-timeout}, -@code{-stats} options server has the following ones: +Except for common @ref{Stats, -stats}, @ref{EGD, -egd}, @ref{Syslog, -syslog} +options server has the following ones: + +@table @option + +@item -proto +@ref{Network, Network protocol} to use. Can be @emph{udp} (default), +@emph{tcp} or @emph{all}. -@table @code @item -bind Address (@code{host:port} format) we must bind to. -@item -peers -Path to the directory containing peers information, database. + +@item -conf +Path to YAML file with the configuration. + +@item -proxy +Start trivial HTTP @ref{Proxy} server on specified @emph{host:port}. + @end table -Peers directory must contain subdirectories with the names of client's identities -in hexadecimal notation. Each of those subdirectories must have -@strong{key} file with the corresponding authentication key, -@strong{up.sh} script that executes each time connection with the client -establishes, optional @code{name} file containing human readable -client's name and optional @code{down.sh} that executes during -connection lost. +Configuration file is YAML file with following example structure: -@code{up.sh} script @strong{must} print on the first stdout line the -name of TAP interface. This script can be simple @code{echo tap10}, -maybe more advanced with dynamic interface creation: +@verbatim +stargrave: { <-- Peer human readable name + iface: tap10 <-- OPTIONAL TAP interface name + mtu: 1514 <-- OPTIONAL overriden MTU + up: ./stargrave-up.sh <-- OPTIONAL up-script + down: ./stargrave-down.sh <-- OPTIONAL down-script + timeout: 60 <-- OPTIONAL overriden timeout + timesync: 0 <-- OPTIONAL time synchronization requirement + noise: No <-- OPTIONAL noise enabler + cpr: 64 <-- OPTIONAL constant packet rate, KiB/sec + encless: No <-- OPTIONAL Encryptionless mode + verifier: $argon2d... <-- verifier received from client +[...] 
+@end verbatim -@example +At least one of either @code{iface} or @code{up} must be specified. If +you specify @code{iface}, then it will be forcefully used to determine +what TAP interface will be used. If it is not specified, then +up-@ref{Scripts, script} must output interface's name to stdout +(first output line). + +For example up-script can be just @code{echo tap10}, or more advanced +like the following one: + +@verbatim #!/bin/sh $tap=$(ifconfig tap create) ifconfig $tap inet6 fc00::1/96 mtu 1412 up echo $tap -@end example +@end verbatim -Each minute server refreshes peers directory contents and adds newly -appeared identities, deletes an obsolete ones. +Each minute server rereads and refreshes peers configuration and adds +newly appeared identities, deletes an obsolete ones. -You can use convenient @code{utils/newclient.sh} script for new client +You can use convenient @command{utils/newclient.sh} script for new client creation: -@example +@verbatim % ./utils/newclient.sh Alice -9b40701bdaf522f2b291cb039490312 -@end example - -@code{9b40701bdaf522f2b291cb039490312} is client's identification. -@code{peers/9b40701bdaf522f2b291cb039490312/name} contains @emph{Alice}, -@code{peers/9b40701bdaf522f2b291cb039490312/key} contains authentication key and -@code{peers/9b40701bdaf522f2b291cb039490312/up.sh} contains currently -dummy empty up-script. +[...] 
+Your client verifier is: $argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg + +Place the following YAML configuration entry on the server's side: + + Alice: + up: /path/to/up.sh + iface: or TAP interface name + verifier: $argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10 +@end verbatim + +Example configuration file: +@verbatim +stargrave: + iface: tap0 + verifier: $argon2d$m=4096,t=128,p=1$VMirzcshcHuG2V4jhUsEjw$X5fC07L8k61h3S1Oro/rC76+m0oGDTA9Bq+aWJ1uOgY +slow: + iface: tap1 + encless: Yes + mtu: 9000 + cpr: 384 + verifier: $argon2d$m=4096,t=128,p=1$YbIA5garDqCOhtI/2EZVNg$gOo5vcEGynmpeepNscwclicfZsWxzgYFRLbgG21EZ1U +@end verbatim
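Review bot: The example up-script carried as context in this hunk assigns with `$tap=$(ifconfig tap create)`, which is not a valid sh assignment. The leading `$` makes the shell expand an unset variable and try to run the result as a command, so `echo $tap` prints an empty first line and the server never receives the interface name the new text says the up-script must output. Since the block is being moved from @example to @verbatim anyway, change that line to `tap=$(ifconfig tap create)`. In the annotated structure, `stargrave: {` opens a flow mapping that is never closed before `[...]`, while the later examples use block style, so drop the brace. The sample entry uses relative script paths (`up: ./stargrave-up.sh`, `down: ./stargrave-down.sh`) without saying which directory they resolve against. Either document that or use absolute paths as the newclient.sh output does (`/path/to/up.sh`). In that output, `iface: or TAP interface name` sits next to `up:` and reads as a literal value, which conflicts with "At least one of either iface or up must be specified", so a short sentence after the block saying the two keys are alternatives would help. Spelling and grammar: "overriden" should be "overridden" (twice), and "deletes an obsolete ones" should be "deletes obsolete ones".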