Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
cjdroute.conf(5)		Cjdns Reference		      cjdroute.conf(5)

NAME
       cjdroute.conf - Cjdns configuration file

DESCRIPTION
       The  cjdroute.conf  file	configures the cjdns routing engine, cjdns(8),
       generally through cjdroute(1).

       The configuration is written in a variation of  the  JSON  format  that
       also  accepts  traditional C-like comments such as single line comments
       (//) and	multiline comments (/* and */).	Additionally, unused JSON val-
       ues  found  in  cjdroute.conf are ignored by cjdns and can be used as a
       form of JSON-compliant comments.

CONFIGURATION
       "privateKey": "..."
	   Your	node's private key. It should be kept secret because your con-
	   fidentiality	and data integrity depend on it.

       "publicKey": "..."
	   Your	 node's	 public	 key. Based on your private key	It is fine for
	   anyone to know this.

       "ipv6": "..."
	   Your	node's IPv6 address when it is on the network. It is generated
	   by using the	first 16 bytes of a double SHA-512 of your public key.
	   All cjdns IPv6 addresses must begin with "fc" or else they are  in-
	   valid.

       "authorizedPasswords": [...]
	   An  array  of  passwords that may be	used to	connect	(peer) to your
	   node.

	   "password": "..."
	       A password which	can be used to peer with your node.

	   "user": "..."
	       A human-readable	string that identifies what password a peer is
	       using  on the admin interface. If omitted, the password will be
	       identified by its position within the array (starting from 0)

	   Example:
	   "authorizedPasswords":
	   [
	       { "password": "AnExamplePassword", "user": "Bob"	},
	       { "password": "YetAnotherExample", "user": "Alice" },
	       { "password": "j3fus4r3gkhv80xdz1yqc0qvn1p91hr",	"user":	 "Eve"
	   }
	   ]

       "admin":	{...}
	   An  object  which  defines where to bind to the admin RPC server as
	   well	as the password	for the	admin RPC  server.  The	 two  required
	   strings  are	 "bind",  which	should be in the format	"IP:PORT", and
	   "password", which should preferably be  a  long  random  string  of
	   characters.

       "interfaces": {...}
	   An object that defines which	interfaces cjdns will bind to and what
	   peers to connect to.	There are two different	interfaces,  UDPInter-
	   face	 and ETHInterface, both	of which are arrays. Within each array
	   there are a variety of different options

	   "bind": "..."
	       Defines what the	interface should bind to. In UDPInterface, the
	       bind  is	 an  IP:PORT string, such as "0.0.0.0:12345", while in
	       ETHInterface the	bind is	a network interface, such as "eth0".

	   "beacon": Integer
	       This option is only found in ETHInterface and  defines  whether
	       auto-connecting	beacons	should be sent or listened to. This is
	       useful for a zeroconf local network.

		   0 --	Disabled.
		   1 --	Accept incoming	beacons	 and  try  connecting  to  the
		   sender.
		   2  --  Accept incoming beacons and broadcast	beacons	to the
		   local network.

	   "connectTo":	{...}
	       Defines which nodes cjdns should	connect	to with	the  specified
	       interface.   Multiple  nodes  may  be  placed in	a single "con-
	       nectTo" as long as each are seperated by	commas.	If a node hap-
	       pens to be offline or become offline during runtime, cjdns will
	       attempt to reconnect at regular intervals. The  one  difference
	       in  this	 option	 between UDPInterface and ETHInterface is that
	       UDPInterface connects to	an "IP:PORT" while  ETHInterface  con-
	       nects to	a MAC address.

	       UDPInterface Example:
	       "connectTo":
	       {
		   "1.2.3.4:54321":
		   {
		       "login":	"login From Your Peer's	authorizedPasswords",
		       "password":  "password From Your	Peer's authorizedPass-
		   words",
		       "publicKey": "Your Peer's publicKey.k"
		   },
		   "5.6.7.8:46321":
		   {
		       "login":	"cueball",
		       "password": "Correct Horse Battery Staple",
		       "publicKey": "Other Peer's publicKey.k"
		   }
	       }

       "router": {...}
	   An object that holds	configuration information on the router

	   "interface":	{...}
	       Defines the type	of interface used for connecting to the	 cjdns
	       network.	 It requires a "type" string, and optionally a "tunDe-
	       vice" string. The "type"	string defines the type	 of  interface
	       used,  however  only "TUNInterface" is supported	at the moment.
	       The "tunDevice" string defines the name of a persistent TUN de-
	       vice  to	use, which is helpful for starting cjdroute as its own
	       user instead of root.

	   "ipTunnel": {...}
	       A system	for tunneling ICANN IPv4 and ICANN IPv6	through	cjdns.
	       This is using the cjdns switch layer as a VPN carrier.

	       NOTE:  Simply editing your configuration	file is	not sufficient
	       to setting up an	ipTunnel gateway.  Please  read	 through  tun-
	       nel/README.md in	the cjdns git tree for more information

	       "allowedConnections": [...]
		   Nodes  allowed  to connect to us, specified by their	public
		   key,	and what IP address(es)	to give	them. It  is  fine  to
		   only	specify	one address.

		   Example:

		   "allowedConnections":
		   [
		       {
			   "publicKey":	 "f64hfl7c4uxt6krmhPutTheRealAddressO-
		   fANodeHere7kfm5m0.k",
			   "ip4Address": "192.168.1.24",
			   "ip4Prefix":	24,
			   "ip6Address": "2001:123:ab::10",
			   "ip6Prefix":	0
		       },
		       {
			   "publicKey":	    "ydq8csdk8p8ThisIsJustAnExampleAd-
		   dresstxuyqdf27hvn2z0.k",
			   "ip4Address": "192.168.1.25",
			   "ip4Prefix":	24
		       }
		   ]

	       "outgoingConnections": [...]
		   An array of nodes to	connect	and ask	for IP addresses.

		   Example:

		   "outgoingConnections":
		   [
		       "6743gf5tw80ExampleExampleExampleExam-
		   plevlyb23zfnuzv0.k",
		       "pw9tfmr8pcrExampleExampleExampleExample8rhg1pgw-
		   pwf80.k",
		       "g91lxyxhq0kExampleExampleExampleExam-
		   ple6t0mknuhw75l0.k"
		   ]

       "security": [...]
	   An array that defines what user to  change  to  after  startup  and
	   whether to exempt the Angel process from this user change.

	   "setuser": "username"
	       User to switch to after startup,	for security purposes. Default
	       value is	"nobody".

	   "exemptAngel": Integer
	       Whether or not to  exempt  the  Angel  process  from  the  user
	       change.	The  Angel is a	small isolated piece of	code which ex-
	       ists outside of the core's strict sandbox but does  not	handle
	       network	traffic.  This	option must be enabled for ipTunnel to
	       automatically set IP addresses for the TUN device.

	       0 -- False
	       1 -- True

       "logging": {...}
	   Add or uncomment "logTo":"stdout"  to  have	cjdns  log  to	stdout
	   rather than making logs available via the admin socket

       "noBackground": Integer
	   If  set to a	non-zero value,	cjdns will not fork to the background.
	   Recommended for use in conjunction with "logTo":"stdout".

       "dns": {...}
	   This	section	is used	to configure the dns capabilities being	 added
	   to  cjdns.	Unfortunetly,  there  is no documentation for this DNS
	   section at this time.

	   "keys": [...]

	   "servers": [...]

	   "MinSignatures": Integer

FILES
       /etc/cjdroute.conf
	   A common location for the configuration file.

SEE ALSO
       cjdroute(1), cjdns(8)

				  2014-03-16		      cjdroute.conf(5)

NAME | DESCRIPTION | CONFIGURATION | FILES | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=cjdroute.conf&sektion=5&manpath=FreeBSD+12.2-RELEASE+and+Ports>

home | help