diff options
Diffstat (limited to 'bin/OpenSim.ini.example')
| -rw-r--r-- | bin/OpenSim.ini.example | 53 |
1 files changed, 44 insertions, 9 deletions
diff --git a/bin/OpenSim.ini.example b/bin/OpenSim.ini.example index 021e444..74888b3 100644 --- a/bin/OpenSim.ini.example +++ b/bin/OpenSim.ini.example | |||
| @@ -46,11 +46,8 @@ | |||
| 46 | 46 | ||
| 47 | 47 | ||
| 48 | [Const] | 48 | [Const] |
| 49 | ; For a grid these will usually be the externally accessible IP/DNS | 49 | ; this section defines constants for grid services |
| 50 | ; name and use default public port 8002 and default private port 8003 | 50 | ; to simplify other configuration files default settings |
| 51 | ; For a standalone this will usually be the externally accessible IP/DNS | ||
| 52 | ; name and use default public port 9000. The private port is not used | ||
| 53 | ; in the configuration for a standalone. | ||
| 54 | 51 | ||
| 55 | ;# {BaseHostname} {} {BaseHostname} {"example.com" "127.0.0.1"} "127.0.0.1" | 52 | ;# {BaseHostname} {} {BaseHostname} {"example.com" "127.0.0.1"} "127.0.0.1" |
| 56 | BaseHostname = "127.0.0.1" | 53 | BaseHostname = "127.0.0.1" |
| @@ -61,13 +58,13 @@ | |||
| 61 | ;# {PublicPort} {} {PublicPort} {8002 9000} "8002" | 58 | ;# {PublicPort} {} {PublicPort} {8002 9000} "8002" |
| 62 | PublicPort = "8002" | 59 | PublicPort = "8002" |
| 63 | 60 | ||
| 61 | ;grid default private port 8003, not used in standalone | ||
| 64 | ;# {PrivatePort} {} {PrivatePort} {8003} "8003" | 62 | ;# {PrivatePort} {} {PrivatePort} {8003} "8003" |
| 65 | ; port to access private grid services. | 63 | ; port to access private grid services. |
| 66 | ; grids that run all their regions should deny access to this port | 64 | ; grids that run all their regions should deny access to this port |
| 67 | ; from outside their networks, using firewalls | 65 | ; from outside their networks, using firewalls |
| 68 | PrivatePort = "8003" | 66 | PrivatePort = "8003" |
| 69 | 67 | ||
| 70 | |||
| 71 | [Startup] | 68 | [Startup] |
| 72 | ;# {ConsolePrompt} {} {ConsolePrompt} {} "Region (\R) " | 69 | ;# {ConsolePrompt} {} {ConsolePrompt} {} "Region (\R) " |
| 73 | ;; Console prompt | 70 | ;; Console prompt |
| @@ -295,7 +292,18 @@ | |||
| 295 | ;; default is false | 292 | ;; default is false |
| 296 | ; TelehubAllowLandmark = false | 293 | ; TelehubAllowLandmark = false |
| 297 | 294 | ||
| 298 | 295 | ||
| 296 | ;; SSL certificate validation options | ||
| 297 | ;; you can allow selfsigned certificates or no official CA with next option set to true | ||
| 298 | ;# {NoVerifyCertChain} {} {do not verify SSL Cert Chain} {true false} true | ||
| 299 | ; NoVerifyCertChain = true | ||
| 300 | |||
| 301 | ;; you can also bypass the hostname or domain verification | ||
| 302 | ;# {NoVerifyCertHostname} {} {do not verify SSL Cert name versus peer name} {true false} true | ||
| 303 | ; NoVerifyCertHostname = true | ||
| 304 | ;; having both options true does provide encryption but with low security | ||
| 305 | ;; set both true if you don't care to use SSL, they are needed to contact regions or grids that do use it. | ||
| 306 | |||
| 299 | [AccessControl] | 307 | [AccessControl] |
| 300 | ;# {AllowedClients} {} {Bar (|) separated list of allowed clients} {} | 308 | ;# {AllowedClients} {} {Bar (|) separated list of allowed clients} {} |
| 301 | ;; Bar (|) separated list of viewers which may gain access to the regions. | 309 | ;; Bar (|) separated list of viewers which may gain access to the regions. |
| @@ -439,7 +447,6 @@ | |||
| 439 | ;; Password for the default estate owner | 447 | ;; Password for the default estate owner |
| 440 | ; DefaultEstateOwnerPassword = password | 448 | ; DefaultEstateOwnerPassword = password |
| 441 | 449 | ||
| 442 | |||
| 443 | [SMTP] | 450 | [SMTP] |
| 444 | ;; The SMTP server enabled the email module to send email to external | 451 | ;; The SMTP server enabled the email module to send email to external |
| 445 | ;; destinations. | 452 | ;; destinations. |
| @@ -472,7 +479,6 @@ | |||
| 472 | ;# {SMTP_SERVER_PASSWORD} {[Startup]emailmodule:DefaultEmailModule enabled:true} {SMTP server password} {} | 479 | ;# {SMTP_SERVER_PASSWORD} {[Startup]emailmodule:DefaultEmailModule enabled:true} {SMTP server password} {} |
| 473 | ; SMTP_SERVER_PASSWORD = "" | 480 | ; SMTP_SERVER_PASSWORD = "" |
| 474 | 481 | ||
| 475 | |||
| 476 | [Network] | 482 | [Network] |
| 477 | ;# {ConsoleUser} {} {User name for console account} {} | 483 | ;# {ConsoleUser} {} {User name for console account} {} |
| 478 | ;; Configure the remote console user here. This will not actually be used | 484 | ;; Configure the remote console user here. This will not actually be used |
| @@ -489,10 +495,39 @@ | |||
| 489 | ;; the region ports use UDP. | 495 | ;; the region ports use UDP. |
| 490 | ; http_listener_port = 9000 | 496 | ; http_listener_port = 9000 |
| 491 | 497 | ||
| 498 | ; optional main server secure http (ssl) | ||
| 499 | ; to use ssl you need a ssl certificate in PKCS12 format that validates the ExternalHostnames | ||
| 500 | ; or their domains | ||
| 501 | ; some viewers by default only accept certificates signed by a oficial CA | ||
| 502 | ; to use others like self signed certificates with those viewers, | ||
| 503 | ; their debug option NoVerifySSLCert needs to be set true, You need to inform users about this | ||
| 504 | ; the main unsecure port will still open for some services. this may change in future. | ||
| 505 | |||
| 506 | ; set http_listener_ssl to enable main server ssl. it will replace unsecure port on most functions | ||
| 507 | ;# {http_listener_ssl}{} {enable main server ssl port)} {} false | ||
| 508 | ;http_listener_ssl = false | ||
| 509 | |||
| 510 | ; Set port for main SSL connections | ||
| 511 | ;# {http_listener_sslport}{} {main server ssl port)} {} 9001 | ||
| 512 | ;http_listener_sslport = 9001 ; | ||
| 513 | |||
| 514 | ; currently if using ssl, regions ExternalHostName must the the same and equal to http_listener_cn | ||
| 515 | ; this may be removed in future | ||
| 516 | ;# {http_listener_cn}{} {main server ssl externalHostName)} {} "" | ||
| 517 | ;http_listener_cn = "myRegionsExternalHostName" | ||
| 518 | |||
| 519 | ; the path for the certificate path | ||
| 520 | ;# {http_listener_cert_path}{} {main server ssl certificate file path)} {} "" | ||
| 521 | ;http_listener_cert_path = "mycert.p12" | ||
| 522 | |||
| 523 | ;# {http_listener_cert_pass}{} {main server ssl certificate password)} {} "" | ||
| 524 | ;http_listener_cert_pass = "mycertpass" ; the cert passwork | ||
| 525 | |||
| 492 | ; By default, OpenSimulator does not allow scripts to make HTTP calls to addresses on the simulator's LAN. | 526 | ; By default, OpenSimulator does not allow scripts to make HTTP calls to addresses on the simulator's LAN. |
| 493 | ; See the OutboundDisallowForUserScripts parameter in OpenSimDefaults.ini for more information on this filter. | 527 | ; See the OutboundDisallowForUserScripts parameter in OpenSimDefaults.ini for more information on this filter. |
| 494 | ; If you need to allow scripts to make some LAN calls use the OutboundDisallowForUserScriptsExcept parameter below. | 528 | ; If you need to allow scripts to make some LAN calls use the OutboundDisallowForUserScriptsExcept parameter below. |
| 495 | ; We recommend that you do not override OutboundDisallowForUserScripts directly unless you are very sure about what you're doing. | 529 | ; We recommend that you do not override OutboundDisallowForUserScripts directly unless you are very sure about what you're doing. |
| 530 | ; this HTTP calls can also use ssl see opensimDefaults.ini | ||
| 496 | ; | 531 | ; |
| 497 | ; You can whitelist individual endpoints by IP or FQDN, e.g. | 532 | ; You can whitelist individual endpoints by IP or FQDN, e.g. |
| 498 | ; | 533 | ; |