-@node Server part
+@node Server
@section Server part
-Except for common @code{-mtu}, @code{-noncediff}, @code{-timeout},
-@code{-stats}, @code{-noise} options server has the following ones:
+Except for common @code{-stats}, @code{-egd} options server has the
+following ones:
@table @code
+
+@item -proto
+@ref{Network, network protocol} to use. Can be @emph{udp} (default),
+@emph{tcp} or @emph{all}.
+
@item -bind
Address (@code{host:port} format) we must bind to.
-@item -peers
-Path to the directory containing peers information, database.
+
+@item -conf
+Path to JSON file with the configuration.
+
+@item -proxy
+Start trivial HTTP @ref{Proxy} server on specified @emph{host:port}.
+
@end table
-Peers directory must contain subdirectories with the names of client's identities
-in hexadecimal notation. Each of those subdirectories must have
-@strong{key} file with the corresponding authentication key,
-@strong{up.sh} script that executes each time connection with the client
-establishes, optional @code{name} file containing human readable
-client's name and optional @code{down.sh} that executes during
-connection lost.
+Configuration file is JSON file with following example structure:
-@code{up.sh} script @strong{must} print on the first stdout line the
-name of TAP interface. This script can be simple @code{echo tap10},
-maybe more advanced with dynamic interface creation:
+@verbatim
+{
+ "stargrave": { <-- Peer human readable name
+ "iface": "tap10", <-- OPTIONAL TAP interface name
+ "mtu": 1514, <-- OPTIONAL overriden MTU
+ "up": "./stargrave-up.sh", <-- OPTIONAL up-script
+ "down": "./stargrave-down.sh", <-- OPTIONAL down-script
+ "timeout": 60, <-- OPTIONAL overriden timeout
+ "noise": true, <-- OPTIONAL noise enabler
+ (default: false)
+ "cpr": 64, <-- OPTIONAL constant packet
+ rate in KiB/sec
+ "encless": false, <-- OPTIONAL Encryptionless mode
+ "verifier": "$argon2d..." <-- verifier received from client
+ },
+ [...]
+}
+@end verbatim
+
+At least one of either @code{iface} or @code{up} must be specified. If
+you specify @code{iface}, then it will be forcefully used to determine
+what TAP interface will be used. If it is not specified, then up-script
+must output interface's name to stdout (first output line).
+
+For example up-script can be just @code{echo tap10}, or more advanced
+like the following one:
@example
#!/bin/sh
echo $tap
@end example
-Each minute server refreshes peers directory contents and adds newly
-appeared identities, deletes an obsolete ones.
+Each minute server rereads and refreshes peers configuration and adds
+newly appeared identities, deletes an obsolete ones.
You can use convenient @code{utils/newclient.sh} script for new client
creation:
-@example
+@verbatim
% ./utils/newclient.sh Alice
-9b40701bdaf522f2b291cb039490312
-@end example
+[...]
+Your client verifier is: $argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg
+
+Place the following JSON configuration entry on the server's side:
-@code{9b40701bdaf522f2b291cb039490312} is client's identification.
-@code{peers/9b40701bdaf522f2b291cb039490312/name} contains @emph{Alice},
-@code{peers/9b40701bdaf522f2b291cb039490312/key} contains authentication key and
-@code{peers/9b40701bdaf522f2b291cb039490312/up.sh} contains currently
-dummy empty up-script.
+ "Alice": {
+ "up": "/path/to/up.sh",
+ "iface": "or TAP interface name",
+ "verifier": "$argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10"
+ }
+[...]
+@end verbatim