# This configuration file uses the YAML format.
# ~ means "no value" (i.e. "default value")
# Replace it by a value and put quotes (") around values with special characters
# List items start with a dash and a space (- )
# Note that the whitespace before the settings names is important for the file structure


listen: 3210                # The port number or ip:port on which to listen for data.

peers:                      # Address of a peer to connect to. 
                            # The address should be in the form `addr:port`.
                            # Put [] for an empty list
  - node2.example.com:3210
  - node3.example.com:3210

crypto:                     # Crypto settings
  password: ~  # <-- CHANGE # A password to encrypt the VPN data.
  private-key: ~            # Private key (alternative to password)
  public-key: ~             # Public key (alternative to password)
  trusted-keys: []          # Trusted keys (alternative to password)
                            # Replace [] with list of keys

ip: ~          # <-- CHANGE # An IP address to set on the device, e.g. 10.0.0.1
                            # Must be different for every node on the VPN


# ------------------ Advanced features ahead --------------------

auto-claim: true            # Whether to automatically claim the configured IP on tun devices

claims:                     # The local subnets to use. This parameter should be in the form
                            # `address/prefixlen` where address is an IPv4 address, an IPv6 address, or a
                            # MAC address. The prefix length is the number of significant front bits that
                            # distinguish the subnet from other subnets.
#  - 10.1.1.0/24

ifup: ~                     # Command to setup the interface. Use $IFNAME for interface name.
ifdown: ~                   # Command to tear down the interface. Use $IFNAME for interface name.

device:                     # Device settings
  name: "vpncloud%d"        # Name of the virtual device. Any `%d` will be filled with a free number.
  type: tun                 # Set the type of network. There are two options: **tap** devices process
                            # Ethernet frames **tun** devices process IP packets. [default: `tun`]
  path: "/dev/net/tun"      # Path of the tun device
  fix-rp-filter: false      # Whether to fix detected rp-filter problems

mode: normal                # Mode to run in, "normal", "hub", "switch", or "router" (see manpage)

port-forwarding: true       # Try to map a port on the router

switch-timeout: 300         # Switch timeout in seconds (switch mode only)

peer-timeout: 300           # Peer timeout in seconds
keepalive: ~                # Keepalive interval in seconds

beacon:                     # Beacon settings
  store: ~                  # File or command (prefix: "|") to use for storing beacons
  load: ~                   # File or command (prefix: "|") to use for loading beacons  
  interval: 3600            # How often to load and store beacons (in seconds)
  password: ~               # Password to encrypt beacon data with

statsd:                     # Statsd settings
  server: ~                 # Statsd server name:port
  prefix: ~                 # Prefix to use for stats keys

pid-file: ~                 # Store the process id in this file when running in the background
stats-file: ~               # Periodically write statistics on peers and current traffic to the given file

hook: ~                     # Hook script to run for every event
hooks: {}                   # Multiple hook scripts to run for specific events



# Copy this template and save it to a file named /etc/vpncloud/MYNET.net (replace MYNET with your network name)
#
# On systems using systemd (most common):
#    start/stop the network:            service vpncloud@MYNET start/stop
#    enable/disable automatic startup:  systemctl enable/disable vpncloud@MYNET
#
# On older systems (using sysv init):
#    Add the network name to /etc/default/vpncloud
#    start/stop all VpnCloud networks:  /etc/init.d/vpncloud start/stop