Lokinet config files¶
This guide shows the different config files and their associated sections, keys and values.
Table of contents:¶
lokinet.ini¶
Example lokinet.ini files¶
Windows¶
Expand for Windows example
Default file location: C:\Users\Username\AppData\Roaming\.lokinet\lokinet.ini
# this configuration was auto generated with 'sane' defaults
# change these values as desired
[router]
# number of crypto worker threads
threads=4
# path to store signed RC
contact-file=C:\Users\Goose\AppData\Roaming\.lokinet\self.signed
# path to store transport private key
transport-privkey=C:\Users\Goose\AppData\Roaming\.lokinet\transport.private
# path to store identity signing key
ident-privkey=C:\Users\Goose\AppData\Roaming\.lokinet\identity.private
# encryption key for onion routing
encryption-privkey=C:\Users\Goose\AppData\Roaming\.lokinet\encryption.private
# uncomment following line to set router nickname to 'lokinet'
# nickname=lokinet
# admin api (disabled by default)
[api]
enabled=false
# authkey=insertpubkey1here
# authkey=insertpubkey2here
# authkey=insertpubkey3here
bind=127.0.0.1:1190
# system settings for priviledges and such
[system]
# user=lokinet
# group=lokinet
# dns provider configuration section
[dns]
# CloudFare + APNIC DNS Resolver
upstream=1.1.1.1
# Google DNS resolver
upstream=8.8.8.8
bind=127.0.0.1:53
# network database settings block
[netdb]
# directory for network database skiplist storage
dir=C:\Users\Goose\AppData\Roaming\.lokinet\netdb
# bootstrap settings
[bootstrap]
# add a bootstrap node's signed identity to the list of nodes we want to bootstrap from
# if we don't have any peers we connect to this router
add-node=C:\Users\Goose\AppData\Roaming\.lokinet\bootstrap.signed
# add another bootstrap node
#add-node=/path/to/alternative/self.signed
# network settings
[network]
profiles=C:\Users\Goose\AppData\Roaming\.lokinet\profiles.dat
# uncomment next line to add router with pubkey to list of routers we connect directly to
#strict-connect=pubkey
# uncomment next line to use router with pubkey as an exit node
#exit-node=pubkey
ifname=lokitun0
ifaddr=172.16.10.1/24
enabled=true
# Store the keyfile of your snapp in specified location.
# This enforces the same .loki address when serving a SNApp.
keyfile=C:\Users\Goose\AppData\Roaming\.lokinet\example-snap-keyfile.private
Linux¶
Expand for Linux example
Default file location: /home/username/.lokinet/lokinet.ini
# this configuration was auto generated with 'sane' defaults
# change these values as desired
[router]
# number of crypto worker threads
threads=4
# path to store signed RC
contact-file=/home/goose/.lokinet/self.signed
# path to store transport private key
transport-privkey=/home/goose/.lokinet/transport.private
# path to store identity signing key
ident-privkey=/home/goose/.lokinet/identity.private
# encryption key for onion routing
encryption-privkey=/home/goose/.lokinet/encryption.private
# uncomment following line to set router nickname to 'lokinet'
# nickname=lokinet
# admin api (disabled by default)
[api]
enabled=false
# authkey=insertpubkey1here
# authkey=insertpubkey2here
# authkey=insertpubkey3here
bind=127.0.0.1:1190
# system settings for priviledges and such
[system]
user=lokinet
group=lokinet
# dns provider configuration section
[dns]
# resolver
upstream=1.1.1.1
bind=127.3.2.1:53
# network database settings block
[netdb]
# directory for network database skiplist storage
dir=/home/goose/.lokinet/netdb
# bootstrap settings
[bootstrap]
# add a bootstrap node's signed identity to the list of nodes we want to bootstrap from
# if we don't have any peers we connect to this router
add-node=/home/goose/.lokinet/bootstrap.signed
# add another bootstrap node
#add-node=/path/to/alternative/self.signed
# snapps configuration section
[services]
#uncomment next line to load a service.ini file.
#example-snapp=/home/goose/.lokinet/snapp-example.ini
# network settings
[network]
profiles=/home/modeify/.lokinet/profiles.dat
# uncomment next line to add router with pubkey to list of routers we connect d$
strict-connect=3dcb5a34d015a7bbb4636be83991e00cbeff13fe7834e0d5452ffe9a5af5a5be
# uncomment next line to use router with pubkey as an exit node
exit-node=b61df944b8547af56201c6c7528ed86289566dcf73358c5ef8e3b4e628671399
ifname=lokitun0
ifaddr=172.16.10.1/24
enabled=true
#Store the keyfile of your snapp in specified location.
#This enforces the same .loki address when serving a SNApp.
keyfile=/home/<user>/.lokinet/example-snap-keyfile.private
[router]¶
| Key | Defaults | Range | Description |
|---|---|---|---|
threads= |
4 | 0 -<#cores> |
Number of crypto worker threads |
contact-file= |
Windows: C:\Users\AppData\Roaming\.lokinet\self.signedLinux: /home/.lokinet/self.signed |
Any filepath | Path to store signed RC |
transport-privkey= |
Windows: C:\Users\AppData\Roaming\.lokinet\transport.privateLinux: /home/.lokinet/transport.private |
Any filepath | Path to store transport private key |
ident-privkey= |
Windows: C:\Users\AppData\Roaming\.lokinet\identity.privateLinux: /home/.lokinet/identity.private |
Any filepath | Path to store identity signing key |
encryption-privkey= |
Windows: C:\Users\AppData\Roaming\.lokinet\encryption.privateLinux: /home/.lokinet/encryption.private |
Any filepath | Encryption key for onion routing |
nickname= |
lokinet | 32 Byte | Nickname set for Router |
[api]¶
| Key | Defaults | Range | Description |
|---|---|---|---|
enabled= |
false |
false, true |
Enable API calls to daemon |
authkey= |
insertpubkey1here |
Not implemented | Add API authentication key |
bind= |
127.0.0.1:1190 |
0.0.0.0 (only for testing), 127.0.0.1:<port> (loopback), Any IP bound to an adapter / interface on the computer |
The IP a machine can connect to the daemon to parse API calls |
[system]¶
| Key | Defaults | Range | Description |
|---|---|---|---|
user |
lokinet | Not implemented | Lokinet to drop privileges to this user after performing root tasks. |
group |
lokinet | Not implemented | Lokinet to drop privileges to this group after performing root tasks. |
[dns]¶
| Key | Defaults | Range | Description |
|---|---|---|---|
upstream= |
1.1.1.1 |
Any DNS Directory | Resolves clearnet addresses if .loki address is not queried. Choose your DNS directory, multiple directories can be added by adding a new line with upstream=<DNS Directory IP> |
bind= |
127.0.0.1:53 |
Any IP address that is set within resolv.conf file. Linux has an exception to the default and must be changed, See lokinet installion for further details. |
Resolves lokinet addresses. Tells Lokinet where to set up the server to receive lokinet address queries. Port should be kept at 53 in most cases. |
[netdb]¶
| Key | Defaults | Range | Description |
|---|---|---|---|
dir= |
Windows: C:\Users\<user>\AppData\Roaming\.lokinet\netdbLinux: /home/<user>/.lokinet/netdb |
filepath | Directory for network database skiplist storage |
[bootstrap]¶
| Key | Defaults | Range | Description |
|---|---|---|---|
add-node= |
Windows: C:\Users\<user>\AppData\Roaming\.lokinet\bootstrap.signedLinux: /home/<user>/.lokinet/bootstrap.signed |
Any filepath | If we don't have any peers to connect to add a bootstrap node's signed identity to the list of nodes we want to bootstrap from. Add another bootstrap node by adding another line with add-node=<filepath> |
[network]¶
| Key | Defaults | Range | Description |
|---|---|---|---|
profiles= |
Windows: C:\Users\<user>\AppData\Roaming\.lokinet\profiles.datLinux: /home/<user>/.lokinet/profiles.dat |
Any filepath | Location to save the log of up-time about routers you connect to. |
strict-connect= |
pubkey |
Any lokinet relay node pubkey | Enforce a strict first hop router with it's pubkey. |
exit-node= |
pubkey |
Any lokinet exit node pubkey | Enforce a strict exit node with it's pubkey. |
ifname= |
lokitun0 |
Character limit based on OS | Set the interface name of the IP set in the ifaddr= in the next line of the config file. |
ifaddr= |
172.16.10.1/24 |
Any IP can be set that is not in use. | Set the IP connected to the interface name set in ifname= in the previous line of the config file. |
keyfile= |
Windows: C:\Users\<user>\AppData\Roaming\.lokinet\example-snap-keyfile.privateLinux: /home/<user>/.lokinet/example-snap-keyfile.private |
Any filepath | Set a persistent SNApp by saving the private key into a local file. |
enabled= |
True | True, False | Enable this network section |
[bind]¶
| Key | Defaults | Range | Description |
|---|---|---|---|
<network_interface_name>= |
1090 | <port> you listen on that adapter. |
ROUTERS ONLY: publish network interfaces for handling inbound traffic Example: eth0=1090 |
[services]¶
| Key | Defaults | Range | Description |
|---|---|---|---|
<name>= |
Windows: C:\Users\<user>\AppData\Roaming\.lokinet\service.iniLinux: /home/<user>/.lokinet/service.ini |
Any filepath | Load services file. Can run multiple lines of this Key to run multiple services. See service.ini for more details. |
service.ini¶
The service.ini is being pulled from the [services] section of
lokinet.ini.The section title can be anything for example: [any_string]
Example service.ini files¶
Windows¶
Expand for Windows example
Default file location: Path is set within your lokinet.ini file
# this is an example configuration for a snapp
[example-snapp]
# keyfile is the path to the private key of the snapp
keyfile=C:\Users\Username\AppData\Roaming\.lokinet\example-snap-keyfile.private
# ifaddr is the ip range to allocate to this snapp
ifaddr=10.55.0.0/16
# ifname is the name to try and give to the network interface this snap owns
ifname=snapp-tun0
Linux¶
Expand for Linux example
Default file location: Path is set within your lokinet.ini file
# this is an example configuration for a snapp
[example-snapp]
# keyfile is the path to the private key of the snapp
keyfile=/home/goose/.lokinet/example-snap-keyfile.private
# ifaddr is the ip range to allocate to this snapp
ifaddr=10.55.0.0/16
# ifname is the name to try and give to the network interface this snap owns
ifname=snapp-tun0
[any_string]¶
| Key | Defaults | Range | Description |
|---|---|---|---|
profiles= |
Windows: C:\Users\<user>\AppData\Roaming\.lokinet\profiles.datLinux: /home/<user>/.lokinet/profiles.dat |
Any filepath | Location to save the log of up-time about routers you connect to. |
strict-connect= |
pubkey | Any lokinet relay node pubkey | Enforce a strict first hop router with it's pubkey. |
exit-node= |
pubkey | Any lokinet exit node pubkey | Enforce a strict exit node with it's pubkey. |
ifname= |
lokitun0 | Character limit based on OS | Set the interface name of the IP set in the ifaddr= in the next line of the config file. |
ifaddr= |
172.16.10.1/24 | Any IP can be set that is not in use. | Set the IP connected to the interface name set in ifname= in the previous line of the config file. |
keyfile= |
Windows: C:\Users\<user>\AppData\Roaming\.lokinet\example-snap-keyfile.privateLinux: /home/<user>/.lokinet/example-snap-keyfile.private |
Any filepath | Set a persistent SNApp by saving the private key into a local file. |
upstream= |
1.1.1.1 | Any DNS Directory | Resolves clearnet addresses if .loki address is not queried. Choose your DNS directory, multiple directories can be added by adding a new line with upstream=<DNS Directory IP> |
bind= |
127.0.0.1:53 | Any IP address that is set within resolv.conf file. Linux has an exception to the default and must be changed, See lokinet installion for further details. |
Resolves lokinet addresses. Tells Lokinet where to set up the server to receive lokinet address queries. Port should be kept at 53 in most cases. |
enabled= |
True | True, False | Enable this network section |