1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
:man source: Catlfish
:man manual: Catlfish Manual
CATLFISH-LOG.CFG.IN(5)
======================
NAME
----
catlfish-log.cfg.in - catlfish log configuration
OPTIONS
-------
**apikeys**: (list of items)::
List of internal API keys.
Automatically added by the genconfig.sh script.
**nodename**: __nodename__:::
Name of the node, e.g. __frontend-1__
**publickey**: __key__:::
BASE64-encoded key
**backup-quorum-size**: __number-of-nodes__::
Number of secondary merge nodes that need to have an entry
before the entry is considered properly sequenced.
**baseurl**: __url__::
Base URL for the log
**cafingerprint**: __fingerprint__::
SHA256 fingerprint of the Certificate Authority certificate that
signs the X.509 certificates used by the internal API endpoints.
Automatically added by the genconfig.sh script.
**frontendnodes**: (list of items)::
Frontend nodes are the nodes that are visible to the outside world.
They accept submissions and answer read requests.
**address**: __ip-address__:::
IP address and port for the internal API, e.g. __10.0.0.1:8443__.
**name**: __nodename__:::
Name of the node, e.g. __frontend-1__.
**publicaddress**: __ip-address__:::
IP address and port for the external API, e.g. __10.0.0.1:443__.
**logpublickey**: __key__::
The log's public key in BASE64.
Automatically added by the genconfig.sh script.
**mergenodes**: (list of items)::
Merge nodes are responsible for gathering the submissions from
the storage nodes, sequence them, and distributing the completed
log to the frontend nodes.
**address**: __ip-address__:::
IP address and port for the internal API, e.g. __10.0.0.1:8443__.
This is only used by non-primary merge nodes, but since all
merge nodes are both potential primary and non-primary nodes,
this should be specified on all nodes.
**name**: __nodename__:::
Name of the node, e.g. __merge-1__.
**mmd**: __seconds__::
Maximum Merge Delay, the longest time between submission of a
certificate until it appears on the frontend servers.
**primarymergenode**: __nodename__::
The name of the node that will perform the actual merge process.
The other merge nodes will act as backup nodes.
**signingnodes**: (list of items)::
Signing nodes have access to the private key of the log. They
sign SCTs on behalf of frontend nodes and sign STHs on behalf of
merge nodes.
**address**: __ip-address__:::
IP address and port for the internal API, e.g. __10.0.0.1:8443__
**name**: __nodename__:::
Name of the node, e.g. __signing-1__
**statusservers**: (list of items)::
// write description here
**address**: __ip-address__:::
// write description here
**name**: __nodename__:::
// write description here
**publicaddress**: __ip-address__:::
// write description here
**storage-quorum-size**: __number-of-nodes__::
Number of storage nodes that need to have an entry
before a frontend node replies that the entry has been
received.
**storage-sign-quorum-size**: __number-of-nodes__ (default: 0)::
Number of storage nodes that need to have an entry
before the signing node produced an SCT.
**storagenodes**: (list of items)::
A storage node is run on the same server as a frontend node and
shares a database with it, but receives entries from all frontend
nodes.
**address**: __ip-address__:::
IP address and port for the internal API, e.g. __10.0.0.1:8443__.
**name**: __nodename__:::
Name of the node. Normally the same as the frontend node that it
shares its database with.
**version**: __version__::
Version of the configuration file.
Automatically added by the genconfig.sh script.
|
