bridgedb.conf 2.8 KB
Newer Older
1
2
3
4
5
6
7
8

#==========
# General-purpose options.

# We chdir to this directory when we start; all files with relative
# pathnames are created under this directory
RUN_IN_DIR = "~/run/"

9
10
11
# Either a file in which to write our pid, or None
PIDFILE = "bridgedb.pid"

12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
# Files from which we read descriptors on start and SIGHUP
# XXXX SIGHUP not implemented.
BRIDGE_FILES = [ "./cached-descriptors", "./cached-descriptors.new" ]

# Only consider routers whose purpose matches this string.
BRIDGE_PURPOSE = "bridge"
# File to store persistent info in.
DB_FILE = "./bridgedist.db"
# File to log changes to persistent info in.  For debugging and bugfixing.
DB_LOG_FILE = "./bridgedist.log"
# File in which we store our secret HMAC root key.
MASTER_KEY_FILE = "./secret_key"

# How many clusters do we group IPs in when distributing bridges based on IP?
N_IP_CLUSTERS = 4

#==========
# Options related to HTTPS

31
# True if we are enabling distribution via HTTP or HTTPS; False otherwise.
32
33
34
35
36
37
38
39
HTTPS_DIST = True
# What proportion of bridges do we allocate to HTTP distribution?  See
# EMAIL_SHARE and RESERVED_SHARE.
HTTPS_SHARE=10
# An IP address (form "1.2.3.4") where we listen for HTTPS connections.
# "None" to listen on the default interface.
HTTPS_BIND_IP=None
# Port to listen on for incoming HTTPS connections
40
HTTPS_PORT=3443
41
42
43
44
45
46
47
48
49
50
51
52
53
# Certificate file
HTTPS_CERT_FILE="cert"
# Private key file.
HTTPS_KEY_FILE="privkey.pem"
# IP and port to listen on for unencrypted HTTP connections. Debugging only.
HTTP_UNENCRYPTED_BIND_IP=None
HTTP_UNENCRYPTED_PORT=None
# How many bridges do we give back in an answer?
HTTPS_N_BRIDGES_PER_ANSWER=2

#==========
# Options related to Email

54
# True if we are enabling distribution via Email; false otherwise.
55
56
57
58
59
60
61
62
63
64
EMAIL_DIST = True
# What proportion of bridges do we allocate to Email distribution?  See
# HTTPS_SHARE and RESERVED_SHARE.
EMAIL_SHARE=10
# Canonical versions of domains that we will reply to.
EMAIL_DOMAINS = [ "gmail.com", "yahoo.com" ]
# Map from unofficial domain to canonical domain.
EMAIL_DOMAIN_MAP = { "mail.google.com" : "gmail.com",
                     "googlemail.com" : "gmail.com",
                     }
65
# If there are any IPs in this list, only allow incoming connections from
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# those IPs.
EMAIL_RESTRICT_IPS=[]
# IP and port to listen on for email connections. Debugging only.
EMAIL_BIND_IP=None
EMAIL_PORT=6725
# How many bridges to we give back in an answer?
EMAIL_N_BRIDGES_PER_ANSWER=2

#==========
# Options related to unallocated bridges.

# We split bridges into a group accessible by HTTPS queries; a group
# accessible by email queries; and a group that we don't assign to any
# query mechanism.  Once a bridge is assigned to either of the first
# two groups, it stays there persistently.  The bridges are allocated
# to these groups in an proportion of
#   HTTPS_SHARE : EMAIL_SHARE : RESERVED_SHARE
RESERVED_SHARE=2