#============================================================================
#  Network service to allow authorized clients.
#============================================================================
service {
    #------------------------------------------------------------------------
    #  A line like the following can be used to bind to a specific IP
    #  address instead of the wildcard.
    #------------------------------------------------------------------------
    addresses = [ { address = "inaddr_any"; port = 2126; },
                  { address = "in6addr_any"; port = 2126; } ];

    #------------------------------------------------------------------------
    #  Location of credence public key file (id_ed25519.pub), private key
    #  file (id_ed25519) and allowed client public keys file (known_keys).
    #------------------------------------------------------------------------
    keyDirectory = "/usr/local/etc/mccurtaind";
    
    #------------------------------------------------------------------------
    #  Access can be restricted to clients within given address ranges.
    #------------------------------------------------------------------------
    allowedClients = [
      "192.168.168/24", "127.0.0.1/32", "fd60:3019:f4a:6aaf::0/64", "::1"
    ];
};

#============================================================================
#  syslog configuration.
#============================================================================
syslog {
    #------------------------------------------------------------------------
    #  Syslog facility.  Defaults to "daemon" if not set.
    #------------------------------------------------------------------------
    facility = "local0";
    
    #------------------------------------------------------------------------
    #  Minimum syslog priority to log.  Defaults to "info" if not set.
    #------------------------------------------------------------------------
    level = "info";

    #------------------------------------------------------------------------
    #  Set to "yes" to get {filename:line} in syslog.
    #------------------------------------------------------------------------
    logLocations = "no";
};

#============================================================================
#  databases configuration.
#============================================================================
databases {
    #------------------------------------------------------------------------
    #  IPv4 to AS database.  If not configured, /usr/local/etc/ipv42as.db
    #  will be assumed.
    #------------------------------------------------------------------------
    ipv4toas = "/usr/local/etc/ipv42as.db";

    #------------------------------------------------------------------------
    #  AS to IPv4 prefixes database.  If not configured,
    #  /usr/local/etc/as2ipv4.db will be assumed.
    #------------------------------------------------------------------------
    astoipv4 = "/usr/local/etc/as2ipv4.db";

    #------------------------------------------------------------------------
    #  RIPE asn.txt file location.  If not configured,
    #  /usr/local/etc/asn.txt will be assumed.
    #------------------------------------------------------------------------
    asntxt = "/usr/local/etc/asn.txt";
};

