1
2cjdroute.conf(5) Cjdns Reference cjdroute.conf(5)
3
4
5
7 cjdroute.conf - Cjdns configuration file
8
9
11 The cjdroute.conf file configures the cjdns routing engine, cjdns(8),
12 generally through cjdroute(1).
13
14 The configuration is written in a variation of the JSON format that
15 also accepts traditional C-like comments such as single line comments
16 (//) and multiline comments (/* and */). Additionally, unused JSON val‐
17 ues found in cjdroute.conf are ignored by cjdns and can be used as a
18 form of JSON-compliant comments.
19
20
22 "privateKey": "..."
23 Your node's private key. It should be kept secret because your con‐
24 fidentiality and data integrity depend on it.
25
26 "publicKey": "..."
27 Your node's public key. Based on your private key It is fine for
28 anyone to know this.
29
30 "ipv6": "..."
31 Your node's IPv6 address when it is on the network. It is generated
32 by using the first 16 bytes of a double SHA-512 of your public key.
33 All cjdns IPv6 addresses must begin with "fc" or else they are
34 invalid.
35
36 "authorizedPasswords": [...]
37 An array of passwords that may be used to connect (peer) to your
38 node.
39
40 "password": "..."
41 A password which can be used to peer with your node.
42
43 "user": "..."
44 A human-readable string that identifies what password a peer is
45 using on the admin interface. If omitted, the password will be
46 identified by its position within the array (starting from 0)
47
48 Example:
49 "authorizedPasswords":
50 [
51 { "password": "AnExamplePassword", "user": "Bob" },
52 { "password": "YetAnotherExample", "user": "Alice" },
53 { "password": "j3fus4r3gkhv80xdz1yqc0qvn1p91hr", "user": "Eve"
54 }
55 ]
56
57 "admin": {...}
58 An object which defines where to bind to the admin RPC server as
59 well as the password for the admin RPC server. The two required
60 strings are "bind", which should be in the format "IP:PORT", and
61 "password", which should preferably be a long random string of
62 characters.
63
64 "interfaces": {...}
65 An object that defines which interfaces cjdns will bind to and what
66 peers to connect to. There are two different interfaces, UDPInter‐
67 face and ETHInterface, both of which are arrays. Within each array
68 there are a variety of different options
69
70 "bind": "..."
71 Defines what the interface should bind to. In UDPInterface, the
72 bind is an IP:PORT string, such as "0.0.0.0:12345", while in
73 ETHInterface the bind is a network interface, such as "eth0".
74
75 "beacon": Integer
76 This option is only found in ETHInterface and defines whether
77 auto-connecting beacons should be sent or listened to. This is
78 useful for a zeroconf local network.
79
80 0 -- Disabled.
81 1 -- Accept incoming beacons and try connecting to the
82 sender.
83 2 -- Accept incoming beacons and broadcast beacons to the
84 local network.
85
86 "connectTo": {...}
87 Defines which nodes cjdns should connect to with the specified
88 interface. Multiple nodes may be placed in a single "con‐
89 nectTo" as long as each are seperated by commas. If a node hap‐
90 pens to be offline or become offline during runtime, cjdns will
91 attempt to reconnect at regular intervals. The one difference
92 in this option between UDPInterface and ETHInterface is that
93 UDPInterface connects to an "IP:PORT" while ETHInterface con‐
94 nects to a MAC address.
95
96 UDPInterface Example:
97 "connectTo":
98 {
99 "1.2.3.4:54321":
100 {
101 "login": "login From Your Peer's authorizedPasswords",
102 "password": "password From Your Peer's authorizedPass‐
103 words",
104 "publicKey": "Your Peer's publicKey.k"
105 },
106 "5.6.7.8:46321":
107 {
108 "login": "cueball",
109 "password": "Correct Horse Battery Staple",
110 "publicKey": "Other Peer's publicKey.k"
111 }
112 }
113
114 "router": {...}
115 An object that holds configuration information on the router
116
117 "interface": {...}
118 Defines the type of interface used for connecting to the cjdns
119 network. It requires a "type" string, and optionally a "tunDe‐
120 vice" string. The "type" string defines the type of interface
121 used, however only "TUNInterface" is supported at the moment.
122 The "tunDevice" string defines the name of a persistent TUN
123 device to use, which is helpful for starting cjdroute as its
124 own user instead of root.
125
126 "ipTunnel": {...}
127 A system for tunneling ICANN IPv4 and ICANN IPv6 through cjdns.
128 This is using the cjdns switch layer as a VPN carrier.
129
130 NOTE: Simply editing your configuration file is not sufficient
131 to setting up an ipTunnel gateway. Please read through tun‐
132 nel/README.md in the cjdns git tree for more information
133
134 "allowedConnections": [...]
135 Nodes allowed to connect to us, specified by their public
136 key, and what IP address(es) to give them. It is fine to
137 only specify one address.
138
139 Example:
140
141 "allowedConnections":
142 [
143 {
144 "publicKey": "f64hfl7c4uxt6krmhPutTheRealAddressO‐
145 fANodeHere7kfm5m0.k",
146 "ip4Address": "192.168.1.24",
147 "ip4Prefix": 24,
148 "ip6Address": "2001:123:ab::10",
149 "ip6Prefix": 0
150 },
151 {
152 "publicKey": "ydq8csdk8p8ThisIsJustAnExampleAd‐
153 dresstxuyqdf27hvn2z0.k",
154 "ip4Address": "192.168.1.25",
155 "ip4Prefix": 24
156 }
157 ]
158
159 "outgoingConnections": [...]
160 An array of nodes to connect and ask for IP addresses.
161
162 Example:
163
164 "outgoingConnections":
165 [
166 "6743gf5tw80ExampleExampleExampleExam‐
167 plevlyb23zfnuzv0.k",
168 "pw9tfmr8pcrExampleExampleExampleExample8rhg1pgw‐
169 pwf80.k",
170 "g91lxyxhq0kExampleExampleExampleExam‐
171 ple6t0mknuhw75l0.k"
172 ]
173
174
175 "security": [...]
176 An array that defines what user to change to after startup and
177 whether to exempt the Angel process from this user change.
178
179 "setuser": "username"
180 User to switch to after startup, for security purposes. Default
181 value is "nobody".
182
183 "exemptAngel": Integer
184 Whether or not to exempt the Angel process from the user
185 change. The Angel is a small isolated piece of code which
186 exists outside of the core's strict sandbox but does not handle
187 network traffic. This option must be enabled for ipTunnel to
188 automatically set IP addresses for the TUN device.
189
190 0 -- False
191 1 -- True
192
193 "logging": {...}
194 Add or uncomment "logTo":"stdout" to have cjdns log to stdout
195 rather than making logs available via the admin socket
196
197 "noBackground": Integer
198 If set to a non-zero value, cjdns will not fork to the background.
199 Recommended for use in conjunction with "logTo":"stdout".
200
201 "dns": {...}
202 This section is used to configure the dns capabilities being added
203 to cjdns. Unfortunetly, there is no documentation for this DNS
204 section at this time.
205
206 "keys": [...]
207
208 "servers": [...]
209
210 "MinSignatures": Integer
211
212
213
215 /etc/cjdroute.conf
216 A common location for the configuration file.
217
218
220 cjdroute(1), cjdns(8)
221
222
223
224 2014-03-16 cjdroute.conf(5)