diff options
Diffstat (limited to '')
-rw-r--r-- | bin/OpenSim.ini.example | 55 | ||||
-rw-r--r-- | bin/OpenSimDefaults.ini | 7 |
2 files changed, 48 insertions, 14 deletions
diff --git a/bin/OpenSim.ini.example b/bin/OpenSim.ini.example index 3fe3992..36dae35 100644 --- a/bin/OpenSim.ini.example +++ b/bin/OpenSim.ini.example | |||
@@ -46,22 +46,28 @@ | |||
46 | 46 | ||
47 | 47 | ||
48 | [Const] | 48 | [Const] |
49 | ; For a grid these will usually be the externally accessible IP/DNS | 49 | ; this section defines constants for grid services |
50 | ; name and use default public port 8002 and default private port 8003 | 50 | ; to simplify other configuration files default settings |
51 | ; For a standalone this will usually be the externally accessible IP/DNS | 51 | |
52 | ; name and use default public port 9000. The private port is not used | 52 | ; BaseURL |
53 | ; in the configuration for a standalone. | 53 | ; should be the externally accessible IP/DNS name of grid or standalone |
54 | 54 | ; http://externalHostName or https://externalHostName if using ssl | |
55 | ;# {BaseURL} {} {BaseURL} {"http://example.com" "http://127.0.0.1"} "http://127.0.0.1" | 55 | ; examples: http://mymachine.example.com, https://mymachine.example.com, https://127.0.0.1 |
56 | ; default: http://127.0.0.1 | ||
57 | ;# {BaseURL} {} {BaseURL} {"http://example.com" "http://127.0.0.1"} "" | ||
56 | BaseURL = http://127.0.0.1 | 58 | BaseURL = http://127.0.0.1 |
57 | 59 | ||
58 | ;# {PublicPort} {} {PublicPort} {8002 9000} "8002" | 60 | ; default public port |
61 | ; usually 8002 for grids. | ||
62 | ; on standalones it needs to match http_listener_port or http_listener_sslport if using ssl | ||
63 | ; in [Network] section below (defaults 9000 or 9001 if using ssl) | ||
64 | ;# {PublicPort} {} {PublicPort} {8002 9000 9001} "8002" | ||
59 | PublicPort = "8002" | 65 | PublicPort = "8002" |
60 | 66 | ||
67 | ;grid default private port 8003, not used in standalone | ||
61 | ;# {PrivatePort} {} {PrivatePort} {8003} "8003" | 68 | ;# {PrivatePort} {} {PrivatePort} {8003} "8003" |
62 | PrivatePort = "8003" | 69 | PrivatePort = "8003" |
63 | 70 | ||
64 | |||
65 | [Startup] | 71 | [Startup] |
66 | ;# {ConsolePrompt} {} {ConsolePrompt} {} "Region (\R) " | 72 | ;# {ConsolePrompt} {} {ConsolePrompt} {} "Region (\R) " |
67 | ;; Console prompt | 73 | ;; Console prompt |
@@ -437,7 +443,6 @@ | |||
437 | ;; Password for the default estate owner | 443 | ;; Password for the default estate owner |
438 | ; DefaultEstateOwnerPassword = password | 444 | ; DefaultEstateOwnerPassword = password |
439 | 445 | ||
440 | |||
441 | [SMTP] | 446 | [SMTP] |
442 | ;; The SMTP server enabled the email module to send email to external | 447 | ;; The SMTP server enabled the email module to send email to external |
443 | ;; destinations. | 448 | ;; destinations. |
@@ -470,7 +475,6 @@ | |||
470 | ;# {SMTP_SERVER_PASSWORD} {[Startup]emailmodule:DefaultEmailModule enabled:true} {SMTP server password} {} | 475 | ;# {SMTP_SERVER_PASSWORD} {[Startup]emailmodule:DefaultEmailModule enabled:true} {SMTP server password} {} |
471 | ; SMTP_SERVER_PASSWORD = "" | 476 | ; SMTP_SERVER_PASSWORD = "" |
472 | 477 | ||
473 | |||
474 | [Network] | 478 | [Network] |
475 | ;# {ConsoleUser} {} {User name for console account} {} | 479 | ;# {ConsoleUser} {} {User name for console account} {} |
476 | ;; Configure the remote console user here. This will not actually be used | 480 | ;; Configure the remote console user here. This will not actually be used |
@@ -487,10 +491,39 @@ | |||
487 | ;; the region ports use UDP. | 491 | ;; the region ports use UDP. |
488 | ; http_listener_port = 9000 | 492 | ; http_listener_port = 9000 |
489 | 493 | ||
494 | ; optional main server secure http (ssl) | ||
495 | ; to use ssl you need a ssl certificate in PKCS12 format that validates the ExternalHostnames | ||
496 | ; or their domains | ||
497 | ; some viewers by default only accept certificates signed by a oficial CA | ||
498 | ; to use others like self signed certificates with those viewers, | ||
499 | ; their debug option NoVerifySSLCert needs to be set true, You need to inform users about this | ||
500 | ; the main unsecure port will still open for some services. this may change in future. | ||
501 | |||
502 | ; set http_listener_ssl to enable main server ssl. it will replace unsecure port on most functions | ||
503 | ;# {http_listener_ssl}{} {enable main server ssl port)} {} false | ||
504 | ;http_listener_ssl = false | ||
505 | |||
506 | ; Set port for main SSL connections | ||
507 | ;# {http_listener_sslport}{} {main server ssl port)} {} 9001 | ||
508 | ;http_listener_sslport = 9001 ; | ||
509 | |||
510 | ; currently if using ssl, regions ExternalHostName must the the same and equal to http_listener_cn | ||
511 | ; this may be removed in future | ||
512 | ;# {http_listener_cn}{} {main server ssl externalHostName)} {} "" | ||
513 | ;http_listener_cn = "myRegionsExternalHostName" | ||
514 | |||
515 | ; the path for the certificate path | ||
516 | ;# {http_listener_cert_path}{} {main server ssl certificate file path)} {} "" | ||
517 | ;http_listener_cert_path = "mycert.p12" | ||
518 | |||
519 | ;# {http_listener_cert_pass}{} {main server ssl certificate password)} {} "" | ||
520 | ;http_listener_cert_pass = "mycertpass" ; the cert passwork | ||
521 | |||
490 | ; By default, OpenSimulator does not allow scripts to make HTTP calls to addresses on the simulator's LAN. | 522 | ; By default, OpenSimulator does not allow scripts to make HTTP calls to addresses on the simulator's LAN. |
491 | ; See the OutboundDisallowForUserScripts parameter in OpenSimDefaults.ini for more information on this filter. | 523 | ; See the OutboundDisallowForUserScripts parameter in OpenSimDefaults.ini for more information on this filter. |
492 | ; If you need to allow scripts to make some LAN calls use the OutboundDisallowForUserScriptsExcept parameter below. | 524 | ; If you need to allow scripts to make some LAN calls use the OutboundDisallowForUserScriptsExcept parameter below. |
493 | ; We recommend that you do not override OutboundDisallowForUserScripts directly unless you are very sure about what you're doing. | 525 | ; We recommend that you do not override OutboundDisallowForUserScripts directly unless you are very sure about what you're doing. |
526 | ; this HTTP calls can also use ssl see opensimDefaults.ini | ||
494 | ; | 527 | ; |
495 | ; You can whitelist individual endpoints by IP or FQDN, e.g. | 528 | ; You can whitelist individual endpoints by IP or FQDN, e.g. |
496 | ; | 529 | ; |
diff --git a/bin/OpenSimDefaults.ini b/bin/OpenSimDefaults.ini index 01a44c3..bd37748 100644 --- a/bin/OpenSimDefaults.ini +++ b/bin/OpenSimDefaults.ini | |||
@@ -510,8 +510,8 @@ | |||
510 | http_listener_cert_path = "mycert.p12" ; path for the cert file that is valid for the ExternalHostName | 510 | http_listener_cert_path = "mycert.p12" ; path for the cert file that is valid for the ExternalHostName |
511 | http_listener_cert_pass = "mycertpass" ; the cert passwork | 511 | http_listener_cert_pass = "mycertpass" ; the cert passwork |
512 | 512 | ||
513 | ; HTTPS for "Out of band" management applications such as the remote | 513 | ; addicional HTTPS for "Out of band" management applications such as the remote |
514 | ; admin module | 514 | ; admin module or scripts |
515 | ; | 515 | ; |
516 | ; Create https_listener = "True" will create a listener on the port | 516 | ; Create https_listener = "True" will create a listener on the port |
517 | ; specified. Provide the path to your server certificate along with it's | 517 | ; specified. Provide the path to your server certificate along with it's |
@@ -519,7 +519,7 @@ | |||
519 | ; https_listener = False | 519 | ; https_listener = False |
520 | ; Set our listener to this port | 520 | ; Set our listener to this port |
521 | ; https_port = 0 | 521 | ; https_port = 0 |
522 | ; Path to X509 certificate | 522 | ; Path to X509 certificate, can be the same as main or another |
523 | ; cert_path = "path/to/cert.p12" | 523 | ; cert_path = "path/to/cert.p12" |
524 | ; Password for cert | 524 | ; Password for cert |
525 | ; cert_pass = "password" | 525 | ; cert_pass = "password" |
@@ -531,6 +531,7 @@ | |||
531 | ; HttpBodyMaxLenMAX=16384 | 531 | ; HttpBodyMaxLenMAX=16384 |
532 | 532 | ||
533 | ; Hostname to use in llRequestURL/llRequestSecureURL | 533 | ; Hostname to use in llRequestURL/llRequestSecureURL |
534 | ; must be a valid hostname for the ssl cert. | ||
534 | ; if not defined - default machine name is being used | 535 | ; if not defined - default machine name is being used |
535 | ; (on Windows this mean NETBIOS name - useably only inside local network) | 536 | ; (on Windows this mean NETBIOS name - useably only inside local network) |
536 | ; ExternalHostNameForLSL=127.0.0.1 | 537 | ; ExternalHostNameForLSL=127.0.0.1 |