-
Notifications
You must be signed in to change notification settings - Fork 36
Expand file tree
/
Copy pathconfig.sample.yaml
More file actions
65 lines (59 loc) · 2.85 KB
/
config.sample.yaml
File metadata and controls
65 lines (59 loc) · 2.85 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
webserver:
# For IPv6, set the listen_addr to "::"
listen_addr: "0.0.0.0"
listen_port: 8080
# If you want to use a reverse proxy in front of the server, set this to true
# It will use the X-Forwarded-For header to get the real IP of the client
real_ip: false
full_url: "/full-stream"
lite_url: "/"
domains_only_url: "/domains-only"
cert_path: ""
cert_key_path: ""
# specify if the server should attempt to negotiate per message compression (RFC 7692)
compression_enabled: false
prometheus:
enabled: true
listen_addr: "0.0.0.0"
listen_port: 8080
metrics_url: "/metrics"
expose_system_metrics: false
real_ip: false
whitelist:
- "127.0.0.1/8"
general:
# DisableDefaultLogs indicates whether the default logs used in Google Chrome and provided by Google should be disabled.
disable_default_logs: false
# When you want to add logs that are not contained in the log list provided by
# Google (https://www.gstatic.com/ct/log_list/v3/log_list.json), you can add them here.
#additional_logs:
# - url: https://ct.googleapis.com/logs/us1/mirrors/digicert_nessie2022
# operator: "DigiCert"
# description: "DigiCert Nessie2022 log"
#additional_tiled_logs:
# - url: https://ct.cloudflare.com/logs/raio2025h2b/
# operator: "Cloudflare"
# description: "Cloudflare 'Raio2025h2b'"
# To optimize the performance of the server, you can overwrite the size of different buffers
# For low CPU, low memory machines, you should reduce the buffer sizes to save memory in case the CPU is maxed.
buffer_sizes:
# Buffer for each websocket connection
websocket: 300
# Buffer for each CT log connection
ctlog: 1000
# Combined buffer for the broadcast manager
broadcastmanager: 10000
# Google regularly updates the log list. If this option is set to true, the server will remove all logs no longer listed in the Google log list.
# This option defaults to true. See https://github.com/d-Rickyy-b/certstream-server-go/issues/51
drop_old_logs: true
# Options for resuming certificate downloads after restart
recovery:
# If enabled, the server will resume downloading certificates from the last processed and stored index for each log.
# If there is no ct_index_file or for a specific log there is no index entry, the server will start from index 0.
# Be aware that this leads to a massive number of certificates being downloaded.
# Depending on your server's performance and network connection, this could be up to 10.000 certificates per second.
# Make sure your infrastructure can handle this!
enabled: true
# Path to the file where indices are stored. Be aware that a temp file in the same path with the same name and ".tmp" as suffix will be created.
# If there are no write permissions to the path, the server will not be able to store the indices.
ct_index_file: "./ct_index.json"