diff options
Diffstat (limited to 'bin/OpenSim.ini.example')
| -rw-r--r-- | bin/OpenSim.ini.example | 53 |
1 files changed, 44 insertions, 9 deletions
diff --git a/bin/OpenSim.ini.example b/bin/OpenSim.ini.example index 14a41b0..3021dfa 100644 --- a/bin/OpenSim.ini.example +++ b/bin/OpenSim.ini.example | |||
| @@ -46,11 +46,8 @@ | |||
| 46 | 46 | ||
| 47 | 47 | ||
| 48 | [Const] | 48 | [Const] |
| 49 | ; For a grid these will usually be the externally accessible IP/DNS | 49 | ; this section defines constants for grid services |
| 50 | ; name and use default public port 8002 and default private port 8003 | 50 | ; to simplify other configuration files default settings |
| 51 | ; For a standalone this will usually be the externally accessible IP/DNS | ||
| 52 | ; name and use default public port 9000. The private port is not used | ||
| 53 | ; in the configuration for a standalone. | ||
| 54 | 51 | ||
| 55 | ;# {BaseHostname} {} {BaseHostname} {"example.com" "127.0.0.1"} "127.0.0.1" | 52 | ;# {BaseHostname} {} {BaseHostname} {"example.com" "127.0.0.1"} "127.0.0.1" |
| 56 | BaseHostname = "127.0.0.1" | 53 | BaseHostname = "127.0.0.1" |
| @@ -61,13 +58,13 @@ | |||
| 61 | ;# {PublicPort} {} {PublicPort} {8002 9000} "8002" | 58 | ;# {PublicPort} {} {PublicPort} {8002 9000} "8002" |
| 62 | PublicPort = "8002" | 59 | PublicPort = "8002" |
| 63 | 60 | ||
| 61 | ;grid default private port 8003, not used in standalone | ||
| 64 | ;# {PrivatePort} {} {PrivatePort} {8003} "8003" | 62 | ;# {PrivatePort} {} {PrivatePort} {8003} "8003" |
| 65 | ; port to access private grid services. | 63 | ; port to access private grid services. |
| 66 | ; grids that run all their regions should deny access to this port | 64 | ; grids that run all their regions should deny access to this port |
| 67 | ; from outside their networks, using firewalls | 65 | ; from outside their networks, using firewalls |
| 68 | PrivatePort = "8003" | 66 | PrivatePort = "8003" |
| 69 | 67 | ||
| 70 | |||
| 71 | [Startup] | 68 | [Startup] |
| 72 | ;# {ConsolePrompt} {} {ConsolePrompt} {} "Region (\R) " | 69 | ;# {ConsolePrompt} {} {ConsolePrompt} {} "Region (\R) " |
| 73 | ;; Console prompt | 70 | ;; Console prompt |
| @@ -299,7 +296,18 @@ | |||
| 299 | ;; default is false | 296 | ;; default is false |
| 300 | ; TelehubAllowLandmark = false | 297 | ; TelehubAllowLandmark = false |
| 301 | 298 | ||
| 302 | 299 | ||
| 300 | ;; SSL certificate validation options | ||
| 301 | ;; you can allow selfsigned certificates or no official CA with next option set to true | ||
| 302 | ;# {NoVerifyCertChain} {} {do not verify SSL Cert Chain} {true false} true | ||
| 303 | ; NoVerifyCertChain = true | ||
| 304 | |||
| 305 | ;; you can also bypass the hostname or domain verification | ||
| 306 | ;# {NoVerifyCertHostname} {} {do not verify SSL Cert name versus peer name} {true false} true | ||
| 307 | ; NoVerifyCertHostname = true | ||
| 308 | ;; having both options true does provide encryption but with low security | ||
| 309 | ;; set both true if you don't care to use SSL, they are needed to contact regions or grids that do use it. | ||
| 310 | |||
| 303 | [AccessControl] | 311 | [AccessControl] |
| 304 | ;# {AllowedClients} {} {Bar (|) separated list of allowed clients} {} | 312 | ;# {AllowedClients} {} {Bar (|) separated list of allowed clients} {} |
| 305 | ;; Bar (|) separated list of viewers which may gain access to the regions. | 313 | ;; Bar (|) separated list of viewers which may gain access to the regions. |
| @@ -458,7 +466,6 @@ | |||
| 458 | ;; Password for the default estate owner | 466 | ;; Password for the default estate owner |
| 459 | ; DefaultEstateOwnerPassword = password | 467 | ; DefaultEstateOwnerPassword = password |
| 460 | 468 | ||
| 461 | |||
| 462 | [SMTP] | 469 | [SMTP] |
| 463 | ;; The SMTP server enabled the email module to send email to external | 470 | ;; The SMTP server enabled the email module to send email to external |
| 464 | ;; destinations. | 471 | ;; destinations. |
| @@ -491,7 +498,6 @@ | |||
| 491 | ;# {SMTP_SERVER_PASSWORD} {[Startup]emailmodule:DefaultEmailModule enabled:true} {SMTP server password} {} | 498 | ;# {SMTP_SERVER_PASSWORD} {[Startup]emailmodule:DefaultEmailModule enabled:true} {SMTP server password} {} |
| 492 | ; SMTP_SERVER_PASSWORD = "" | 499 | ; SMTP_SERVER_PASSWORD = "" |
| 493 | 500 | ||
| 494 | |||
| 495 | [Network] | 501 | [Network] |
| 496 | ;# {ConsoleUser} {} {User name for console account} {} | 502 | ;# {ConsoleUser} {} {User name for console account} {} |
| 497 | ;; Configure the remote console user here. This will not actually be used | 503 | ;; Configure the remote console user here. This will not actually be used |
| @@ -508,10 +514,39 @@ | |||
| 508 | ;; the region ports use UDP. | 514 | ;; the region ports use UDP. |
| 509 | ; http_listener_port = 9000 | 515 | ; http_listener_port = 9000 |
| 510 | 516 | ||
| 517 | ; optional main server secure http (ssl) | ||
| 518 | ; to use ssl you need a ssl certificate in PKCS12 format that validates the ExternalHostnames | ||
| 519 | ; or their domains | ||
| 520 | ; some viewers by default only accept certificates signed by a oficial CA | ||
| 521 | ; to use others like self signed certificates with those viewers, | ||
| 522 | ; their debug option NoVerifySSLCert needs to be set true, You need to inform users about this | ||
| 523 | ; the main unsecure port will still open for some services. this may change in future. | ||
| 524 | |||
| 525 | ; set http_listener_ssl to enable main server ssl. it will replace unsecure port on most functions | ||
| 526 | ;# {http_listener_ssl}{} {enable main server ssl port)} {} false | ||
| 527 | ;http_listener_ssl = false | ||
| 528 | |||
| 529 | ; Set port for main SSL connections | ||
| 530 | ;# {http_listener_sslport}{} {main server ssl port)} {} 9001 | ||
| 531 | ;http_listener_sslport = 9001 ; | ||
| 532 | |||
| 533 | ; currently if using ssl, regions ExternalHostName must the the same and equal to http_listener_cn | ||
| 534 | ; this may be removed in future | ||
| 535 | ;# {http_listener_cn}{} {main server ssl externalHostName)} {} "" | ||
| 536 | ;http_listener_cn = "myRegionsExternalHostName" | ||
| 537 | |||
| 538 | ; the path for the certificate path | ||
| 539 | ;# {http_listener_cert_path}{} {main server ssl certificate file path)} {} "" | ||
| 540 | ;http_listener_cert_path = "mycert.p12" | ||
| 541 | |||
| 542 | ;# {http_listener_cert_pass}{} {main server ssl certificate password)} {} "" | ||
| 543 | ;http_listener_cert_pass = "mycertpass" ; the cert passwork | ||
| 544 | |||
| 511 | ; By default, OpenSimulator does not allow scripts to make HTTP calls to addresses on the simulator's LAN. | 545 | ; By default, OpenSimulator does not allow scripts to make HTTP calls to addresses on the simulator's LAN. |
| 512 | ; See the OutboundDisallowForUserScripts parameter in OpenSimDefaults.ini for more information on this filter. | 546 | ; See the OutboundDisallowForUserScripts parameter in OpenSimDefaults.ini for more information on this filter. |
| 513 | ; If you need to allow scripts to make some LAN calls use the OutboundDisallowForUserScriptsExcept parameter below. | 547 | ; If you need to allow scripts to make some LAN calls use the OutboundDisallowForUserScriptsExcept parameter below. |
| 514 | ; We recommend that you do not override OutboundDisallowForUserScripts directly unless you are very sure about what you're doing. | 548 | ; We recommend that you do not override OutboundDisallowForUserScripts directly unless you are very sure about what you're doing. |
| 549 | ; this HTTP calls can also use ssl see opensimDefaults.ini | ||
| 515 | ; | 550 | ; |
| 516 | ; You can whitelist individual endpoints by IP or FQDN, e.g. | 551 | ; You can whitelist individual endpoints by IP or FQDN, e.g. |
| 517 | ; | 552 | ; |