github.com/google/fleetspeak@v0.1.15-0.20240426164851-4f31f62c1aea/fleetspeak/server-pkg-tmpl/etc/fleetspeak-server/configurator.config (about) 1 # An example fleetspeak configuration file, as needed by the fleetspeak-config 2 # tool. 3 # 4 # This is a text format fleetspeak.config.Config protocol buffer. 5 # 6 # Detailed docs in: 7 # https://github.com/google/fleetspeak/blob/master/fleetspeak/src/config/proto/fleetspeak_config/config.proto 8 # https://github.com/google/fleetspeak/blob/master/fleetspeak/src/components/proto/fleetspeak_components/config.proto 9 10 ### Configuration name. 11 # 12 # May appear in certificates generated by the fleetspeak-config tool. 13 14 ############ CHANGE ME ############### 15 configuration_name: "Lazy Corp" 16 17 ### Server component configuration 18 components_config { 19 20 ### Mysql connection string. 21 # 22 # See: https://github.com/go-sql-driver/mysql#dsn-data-source-name 23 24 ############ CHANGE ME ############### 25 mysql_data_source_name: "root:@tcp(127.0.0.1:3306)/db" 26 27 ### PROXY protocol support 28 # 29 # Uncomment if your fleetspeak server will run behind a load balancer. The 30 # load balancer must implement the PROXY protocol in order to provide 31 # FS with the correct observed client IP. 32 # 33 # https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt 34 35 # proxy_protocol: true 36 37 ### Basic client filtering 38 # 39 # If set, the server will perform a basic sanity check that the client is 40 # meant for this server installation. To use, set to something specific to 41 # this installation. 42 43 # required_label: "lazy-corp" 44 45 https_config { 46 47 ### Listen address 48 # 49 # The bind address that FS server processes will listen to. Dependent on your 50 # intended network configuration. Also see public_host_port, below. 51 52 ############ CHANGE ME ############### 53 listen_address: "localhost:443" 54 } 55 56 admin_config { 57 ### Listen address for the admin GRPC endpoint. 58 # 59 # Note: this should be kept local or on an internal network, or protected 60 # by a firewall. Whoever has access to this endpoint, can send messages 61 # to Fleetspeak clients. 62 63 listen_address: "localhost:9000" 64 } 65 66 ### Notification addresses 67 # 68 # If your installation will use multiple Fleetspeak servers and streaming 69 # connections (the default) to clients, it is strongly recommended to 70 # configure message notifications between servers. To do this, uncomment the 71 # field below to open the notification port. The notification port is not 72 # meant to be publicly accessible, but will need to be reachable from other 73 # servers. 74 # 75 # By default, each server will guess the hostname and port to advertise to 76 # other servers. To override this guess, you can set 77 # notification_public_address in each individual server configuration file. 78 79 # notification_listen_address: ":8080" 80 } 81 82 ### Trusted certificate 83 # 84 # If this file does not exist, a certificate and key file will be created in 85 # the locations configured here. 86 # 87 # Clients will be configured to trust server certificates chained back to this, 88 # and the associated private key should be considered sensitive. 89 # 90 # The key for this certificate is only required by the configuration tool if it 91 # is needs to mint a new server certificate. Serious users should consider 92 # keeping the key offline, in an HSM, etc. 93 94 trusted_cert_file: "/etc/fleetspeak-server/ca.pem" 95 trusted_cert_key_file: "/etc/fleetspeak-server/ca-key.pem" 96 97 ### Server certificate 98 # 99 # If this file does not exist, a certificate and key file will be created in the 100 # locations configured here, and signed using the trusted certificate, above. 101 # 102 # The resulting server configuration will identify itself using this key. 103 104 server_cert_file: "/etc/fleetspeak-server/server.pem" 105 server_cert_key_file: "/etc/fleetspeak-server/server-key.pem" 106 107 ### Public server addresses 108 # 109 # The public hostnames or IP addresses through the FS servers will be visible to 110 # the FS clients. Dependent on your planned network configuration. 111 # 112 # The server certificate must cover these addresses. You will need to take care 113 # of this if you generate your own server certificates. You will need to 114 # regenerate any server certificate if these change. 115 116 # ########### CHANGE ME ############### 117 # public_host_port: "fs.lazy-corp.com:443" 118 # public_host_port: "10.0.0.5:443" 119 public_host_port: "localhost:443" 120 121 ### Output files 122 # 123 # The location to write the server component configuration. 124 # 125 # The fleetspeak-config program will write this file, and it should be copied 126 # to every fleetspeak server in your installation. 127 server_component_configuration_file: "/etc/fleetspeak-server/server.components.config" 128 129 # The location to write the linux client configuration file. To use with the 130 # provided generic client package, copy this to 131 # "/etc/fleetspeak-client/configuration" 132 linux_client_configuration_file: "/etc/fleetspeak-server/linux.client.configuration" 133 134 # The location to write the darwin client configuration file. 135 darwin_client_configuration_file: "/etc/fleetspeak-server/darwin.client.configuration" 136 137 # The location to write the windows client configuration file. 138 windows_client_configuration_file: "/etc/fleetspeak-server/windows.client.configuration"