forked from parallaxsecond/parsec
-
Notifications
You must be signed in to change notification settings - Fork 0
/
config.toml
78 lines (64 loc) · 3.16 KB
/
config.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
# Parsec Configuration File
# (Required) Core settings apply to the service as a whole rather than to individual components within it.
[core_settings]
# Size of the thread pool used for processing requests. Defaults to the number of processors on
# the machine.
#thread_pool_size = 8
# Duration of sleep when the connection pool is empty. This can limit the response
# times for requests and so should be set to a low number. Default value is 10.
#idle_listener_sleep_duration = 10 # in milliseconds
# Log level to be applied across the service. Can be overwritten for certain modules which have the same
# configuration key. Possible values: "debug", "info", "warn", "error", "trace"
#log_level = "warn"
# Control whether log entries contain a timestamp.
#log_timestamp = false
# Decide how large (in bytes) request bodies can be before they get rejected automatically.
# Defaults to 1MB.
#body_len_limit = 1048576
# (Required) Configuration for the service IPC listener component.
[listener]
# (Required) Type of IPC that the service will support.
listener_type = "DomainSocket"
# (Required) Timeout of the read and write operations on the IPC channel. After the
# timeout expires, the connection is dropped.
timeout = 200 # in milliseconds
# (Required) Configuration for the components managing key IDs for providers.
# Defined as an array of tables: https://github.com/toml-lang/toml#user-content-array-of-tables
[[key_manager]]
# (Required) Name of the key ID manager. Used to tie providers to the manager supporting them.
name = "on-disk-manager"
# (Required) Type of key ID manager to be used.
manager_type = "OnDisk"
# Path to the location where the mapping will be persisted (in this case, the filesystem path)
#store_path = "./mappings"
# (Required) Provider configurations.
# Defined as an array of tables: https://github.com/toml-lang/toml#user-content-array-of-tables
[[provider]]
# (Required) Type of provider.
provider_type = "MbedCrypto"
# (Required) Name of key ID manager that will support this provider.
key_id_manager = "on-disk-manager"
# Example of a PKCS 11 provider configuration
#[[provider]]
#provider_type = "Pkcs11"
#key_id_manager = "on-disk-manager"
# (Required for this provider) Path to the location of the dynamic library loaded by this provider.
# For the PKCS 11 provider, this library implements the PKCS 11 API on the target platform.
#library_path = "/usr/local/lib/softhsm/libsofthsm2.so"
# (Required) PKCS 11 slot that will be used by Parsec.
#slot_number = 123456789
# (Optional) User pin for authentication with the specific slot. If not set, no authentication will
# be used.
#user_pin = "123456"
# Example of a TPM provider configuration
#[[provider]]
#provider_type = "Tpm"
#key_id_manager = "on-disk-manager"
# (Required) TPM TCTI device to use with this provider. Options are:
# - "device": uses the TPM device on /dev/tpm0
# - "mssim": uses the simulation TPM with the socket
# - "tabrmd": uses the TPM2 Access Broker & Resource Management Daemon
#tcti = "mssim"
# (Required) Authentication value for performing operations on the TPM Owner Hierarchy. The string can
# be empty, however we strongly suggest that you use a secure password.
#owner_hierarchy_auth = "password"