-
Notifications
You must be signed in to change notification settings - Fork 41
/
Copy pathengarde.yml.sample
59 lines (58 loc) · 3.74 KB
/
engarde.yml.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
---
# Client configuration
client:
# A custom description for this client instance. It will be displayed on startup and in the management interface to help you identifying it.
description: "My engarde-client instance"
# This is the engarde listen address: WireGuard peer endpoint will need to point here.
listenAddr: "127.0.0.1:59401"
# This is the address of the engarde server on the other side
dstAddr: "1.2.3.4:59501"
# A timeout in milliseconds for socket writes. You can try to lower it if you're experiencing latency peaks, or raising it if the connection is unstable.
# You can disable write timeout by setting a negative value (like -1), but it's easy to have issues if you need low latency.
writeTimeout: 10
# By default, engarde sends packets through all the available network interfaces.
# You will probably need to exclude some interfaces (Bluetooth or virtual ones, for example).
# Lauch "engarde-client list-interfaces" to show all the detected interfaces, and form your own list based on that.
# If you don't need to exclude any interface, you can omit this or just write `excludedInterfaces: []`
excludedInterfaces:
- "Local Area Connection 2"
- "VirtualBox Host-Only Network"
- "Bluetooth Network Connection"
- "Loopback Pseudo-Interface 1"
# Sometimes, over specific network interfaces, it's useful to reach the server through another IP address.
# This is the case if there are two totally separated networks between the client and the server, with different IP addresses.
# You can specify an array of maps where you specify the network interface name and the destination address to use for this interface.
# If you don't need to override anything, you can omit this or just write `dstOverrides: []`
dstOverrides:
- ifName: "Local Area Connection 4"
dstAddr: "5.6.7.8:59501"
# You can control engarde-client by accessing the web management interface. Here you can specify its parameters.
# If you don't want a management interface, you can omit this section.
webManager:
# The address to listen to. Leave it empty to disable the management webserver.
listenAddr: "0.0.0.0:9001"
# The credentials to access the management interface. Leave them empty or omit them for no authentication.
username: "engarde"
password: "engarde"
# Server configuration
server:
# A custom description for this server instance. It will be displayed on startup and in the management interface to help you identifying it.
description: "My engarde-server instance"
# This is the engarde listen address: the clients will connect here.
listenAddr: "0.0.0.0:59501"
# The destination address to contact WireGuard on the server
dstAddr: "127.0.0.1:59301"
# Client timeout in seconds. If a client doesn't send any packet for n seconds, engarde stops sending it packets.
# You will need to set it to a slightly higher value than the PersistentKeepalive option in WireGuard clients.
clientTimeout: 30
# A timeout in milliseconds for socket writes. You can try to lower it if you're experiencing latency peaks, or raising it if the connection is unstable.
# You can disable write timeout by setting a negative value (like -1), but it's easy to have issues if you need low latency.
writeTimeout: 10
# You can control engarde-server by accessing the web management interface. Here you can specify its parameters.
# If you don't want a management interface, you can omit this section.
webManager:
# The address to listen to. Leave it empty to disable the management webserver.
listenAddr: "0.0.0.0:9001"
# The credentials to access the management interface. Leave them empty or omit them for no authentication.
username: "engarde"
password: "engarde"