summaryrefslogtreecommitdiff
path: root/doc/catlfish-log.cfg.in.5.adoc
blob: 1f89aa27694219a8e2bbf94c24234744133c5302 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
:man source:   Catlfish
:man manual:   Catlfish Manual
CATLFISH-LOG.CFG.IN(5)
======================

NAME
----
catlfish-log.cfg.in - catlfish log configuration

OPTIONS
-------
   **apikeys**: (list of items)::
      List of internal API keys.
      Automatically added by the genconfig.sh script.

      **nodename**: __nodename__:::
          Name of the node, e.g. __frontend-1__

      **publickey**: __key__:::
          BASE64-encoded key

   **backup-quorum-size**: __number-of-nodes__::
       Number of secondary merge nodes that need to have an entry
       before the entry is considered properly sequenced.

   **baseurl**: __url__::
       Base URL for the log

   **cafingerprint**: __fingerprint__::
      SHA256 fingerprint of the Certificate Authority certificate that
      signs the X.509 certificates used by the internal API endpoints.
      Automatically added by the genconfig.sh script.

   **frontendnodes**: (list of items)::
      Frontend nodes are the nodes that are visible to the outside world.
      They accept submissions and answer read requests.

      **address**: __ip-address__:::
         IP address and port for the internal API, e.g. __10.0.0.1:8443__.

      **name**: __nodename__:::
         Name of the node, e.g. __frontend-1__.

      **publicaddress**: __ip-address__:::
         IP address and port for the external API, e.g. __10.0.0.1:443__.
      
   **logpublickey**: __key__::
      The log's public key in BASE64.
      Automatically added by the genconfig.sh script.

   **mergenodes**: (list of items)::
      Merge nodes are responsible for gathering the submissions from
      the storage nodes, sequence them, and distributing the completed
      log to the frontend nodes.

      **address**: __ip-address__:::
          IP address and port for the internal API, e.g. __10.0.0.1:8443__.
          This is only used by non-primary merge nodes, but since all
          merge nodes are both potential primary and non-primary nodes,
          this should be specified on all nodes.

      **name**: __nodename__:::
          Name of the node, e.g. __merge-1__.

   **mmd**: __seconds__::
      Maximum Merge Delay, the longest time between submission of a
      certificate until it appears on the frontend servers.

   **primarymergenode**: __nodename__::
      The name of the node that will perform the actual merge process.
      The other merge nodes will act as backup nodes.

   **signingnodes**: (list of items)::
      Signing nodes have access to the private key of the log. They
      sign SCTs on behalf of frontend nodes and sign STHs on behalf of
      merge nodes.

      **address**: __ip-address__:::
          IP address and port for the internal API, e.g. __10.0.0.1:8443__

      **name**: __nodename__:::
          Name of the node, e.g. __signing-1__

   **statusservers**: (list of items)::
//    write description here

      **address**: __ip-address__:::
//       write description here

      **name**: __nodename__:::
//       write description here

      **publicaddress**: __ip-address__:::
//       write description here

   **storage-quorum-size**: __number-of-nodes__::
      Number of storage nodes that need to have an entry
      before a frontend node replies that the entry has been
      received.

   **storage-sign-quorum-size**: __number-of-nodes__ (default: 0)::
      Number of storage nodes that need to have an entry
      before the signing node produced an SCT.

   **storagenodes**: (list of items)::
      A storage node is run on the same server as a frontend node and
      shares a database with it, but receives entries from all frontend
      nodes.

      **address**: __ip-address__:::
         IP address and port for the internal API, e.g. __10.0.0.1:8443__.

      **name**: __nodename__:::
         Name of the node. Normally the same as the frontend node that it
         shares its database with.

   **version**: __version__::
      Version of the configuration file.
      Automatically added by the genconfig.sh script.