1 fb1a36c0 2022-01-09 op .\" Copyright (c) 2021 Omar Polo <op@omarpolo.com>
3 fb1a36c0 2022-01-09 op .\" Permission to use, copy, modify, and distribute this software for any
4 fb1a36c0 2022-01-09 op .\" purpose with or without fee is hereby granted, provided that the above
5 fb1a36c0 2022-01-09 op .\" copyright notice and this permission notice appear in all copies.
7 fb1a36c0 2022-01-09 op .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 fb1a36c0 2022-01-09 op .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 fb1a36c0 2022-01-09 op .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
10 fb1a36c0 2022-01-09 op .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 fb1a36c0 2022-01-09 op .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
12 fb1a36c0 2022-01-09 op .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
13 fb1a36c0 2022-01-09 op .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 fb1a36c0 2022-01-09 op .Dd $Mdocdate: December 14 2021 $
16 fb1a36c0 2022-01-09 op .Dt KAMID.CONF 5
19 fb1a36c0 2022-01-09 op .Nm kamid.conf
20 fb1a36c0 2022-01-09 op .Nd 9p file server daemon configuration file
21 fb1a36c0 2022-01-09 op .Sh DESCRIPTION
23 fb1a36c0 2022-01-09 op is the configuration file for the 9p file server daemon
26 fb1a36c0 2022-01-09 op The format of the configuration file is fairly flexible.
27 fb1a36c0 2022-01-09 op The current line can be extended over multiple lines using a backslash
29 fb1a36c0 2022-01-09 op Comments can be put anywhere in the file using a hash mark
31 fb1a36c0 2022-01-09 op and extend to the end of the current line.
32 fb1a36c0 2022-01-09 op Care should be taken when commenting out multi-line text: the comment is
33 fb1a36c0 2022-01-09 op effective until the end of the entire block.
34 fb1a36c0 2022-01-09 op Arguments names not beginning with a letter, digit, or underscore, as
35 fb1a36c0 2022-01-09 op well as reserved words
41 fb1a36c0 2022-01-09 op must be quoted.
42 fb1a36c0 2022-01-09 op Arguments containing whitespace should be surrounded by double quotes
45 fb1a36c0 2022-01-09 op Macros can be defined that are later expanded in context.
46 fb1a36c0 2022-01-09 op Macro names must start with a letter, digit, or underscore, and may
47 fb1a36c0 2022-01-09 op contain any of those characters, but may not be reserved words.
48 fb1a36c0 2022-01-09 op Macros are not expanded inside quotes.
50 fb1a36c0 2022-01-09 op .Bd -literal -offset indent
51 fb1a36c0 2022-01-09 op lan_addr = "192.168.0.1"
52 fb1a36c0 2022-01-09 op listen on $lan_addr
53 fb1a36c0 2022-01-09 op listen on $lan_addr tls auth <users>
56 fb1a36c0 2022-01-09 op Additional configuration files can be included with the
58 fb1a36c0 2022-01-09 op keyword, for example:
59 fb1a36c0 2022-01-09 op .Bd -literal -offset indent
60 fb1a36c0 2022-01-09 op include "/etc/kamid.conf.local"
65 fb1a36c0 2022-01-09 op is described below.
66 fb1a36c0 2022-01-09 op .Bl -tag -width Ds
67 fb1a36c0 2022-01-09 op .It Ic listen Op Ar options...
68 fb1a36c0 2022-01-09 op The options are as follows:
69 fb1a36c0 2022-01-09 op .Bl -tag -width Ds
70 fb1a36c0 2022-01-09 op .It Ic on Ar address Ic port Ar number
73 fb1a36c0 2022-01-09 op for incoming connection on the given port
76 fb1a36c0 2022-01-09 op can be an IP address or a domain name.
77 fb1a36c0 2022-01-09 op .It Ic tls Ic pki Ar name
78 fb1a36c0 2022-01-09 op Use the tls certificate
80 fb1a36c0 2022-01-09 op previously defined with the
83 fb1a36c0 2022-01-09 op .It Ic auth Pf < Ar table Ns >
84 fb1a36c0 2022-01-09 op Use the given authentication
86 fb1a36c0 2022-01-09 op to authorize the clients.
87 fb1a36c0 2022-01-09 op .It Ic userdata Pf < Ar table Ns >
89 fb1a36c0 2022-01-09 op .Pq virtuals or not
90 fb1a36c0 2022-01-09 op to their exported tree.
91 fb1a36c0 2022-01-09 op By default the user home directory obtained with
92 fb1a36c0 2022-01-09 op .Xr getpwnam 3
94 fb1a36c0 2022-01-09 op .It Ic virtual Pf < Ar table Ns >
95 fb1a36c0 2022-01-09 op Maps virtual users to local user.
97 fb1a36c0 2022-01-09 op .It Ic pki Ar pkiname Ic cert Ar certfile
98 fb1a36c0 2022-01-09 op Associate certificate file
100 fb1a36c0 2022-01-09 op with pki entry
101 fb1a36c0 2022-01-09 op .Ar pkiname .
102 fb1a36c0 2022-01-09 op The pki entry defines a keypair configuration that can be referenced in
103 fb1a36c0 2022-01-09 op listener rules.
104 fb1a36c0 2022-01-09 op .It Ic pki Ar pkiname Ic key Ar keyfile
105 fb1a36c0 2022-01-09 op Associate the key located in
107 fb1a36c0 2022-01-09 op with pki entry
108 fb1a36c0 2022-01-09 op .Ar pkiname .
109 fb1a36c0 2022-01-09 op .\" TODO: document the other syntax for the table
110 fb1a36c0 2022-01-09 op .It Ic table Ar name Brq Ar value Cm => Ar value Oo , Ar ... Oc
111 fb1a36c0 2022-01-09 op Tables provide additional configuration information for
113 fb1a36c0 2022-01-09 op in the form of key-value mappings.
115 fb1a36c0 2022-01-09 op Declare a mapping table containing the given static
116 fb1a36c0 2022-01-09 op .Ar key Ns Pf - Ar value
120 fb1a36c0 2022-01-09 op A sample configuration file:
121 fb1a36c0 2022-01-09 op .Bd -literal -offset indent
122 fb1a36c0 2022-01-09 op pki localhost cert "/etc/ssl/localhost.crt"
123 fb1a36c0 2022-01-09 op pki localhost key "/etc/ssl/private/localhost.key"
125 fb1a36c0 2022-01-09 op table users { "SHA256:..." => "op" }
127 fb1a36c0 2022-01-09 op listen on localhost port 1337 tls pki localhost auth <users>
130 fb1a36c0 2022-01-09 op .Xr kamictl 8 ,