Skip to content
Switch branches/tags
Go to file
Cannot retrieve contributors at this time
145 lines (97 sloc) 4.53 KB
version: 0.85.0
# Port of Acra HTTP API
acraserver_api_connection_port: 9090
# Connection string to Acra's API like tcp://x.x.x.x:yyyy or unix:///path/to/socket
# IP or domain to AcraServer daemon
# Port of AcraServer daemon
acraserver_connection_port: 9393
# Connection string to AcraServer like tcp://x.x.x.x:yyyy or unix:///path/to/socket
# Expected id from AcraServer for Secure Session
acraserver_securesession_id: acra_server
# Use tls to encrypt transport between AcraServer and AcraConnector/client
acraserver_tls_transport_enable: false
# Enable this flag to omit AcraConnector and connect client app to AcraServer directly using raw transport (tcp/unix socket). From security perspective please use at least TLS encryption (over tcp socket) between AcraServer and client app.
acraserver_transport_encryption_disable: false
# IP or domain to AcraTranslator daemon
# Port of AcraTranslator daemon
acratranslator_connection_port: 9696
# Connection string to AcraTranslator like grpc:// or
# Expected id from AcraTranslator for Secure Session
acratranslator_securesession_id: acra_translator
# Client ID
# path to config
# Log everything to stderr
d: false
# dump config
dump_config: false
# Generate with yaml config markdown text file with descriptions of all args
generate_markdown_args_table: false
# Enable connection to AcraServer via HTTP API
http_api_enable: false
# Port for AcraConnector HTTP API
incoming_connection_api_port: 9191
# Connection string like tcp://x.x.x.x:yyyy or unix:///path/to/socket
incoming_connection_api_string: tcp://
# Port to AcraConnector
incoming_connection_port: 9494
# URL (tcp://host:port) which will be used to expose Prometheus metrics (use <URL>/metrics address to pull metrics)
# Connection string like tcp://x.x.x.x:yyyy or unix:///path/to/socket
incoming_connection_string: tcp://
# Jaeger agent endpoint (for example, localhost:6831) that will be used to export trace data
# Password used for basic auth (optional) to jaeger
# Username used for basic auth (optional) to jaeger
# Jaeger endpoint (for example, http://localhost:14268/api/traces) that will be used to export trace data
# Folder from which will be loaded keys
keys_dir: .acrakeys
# Logging format: plaintext, json or CEF
logging_format: plaintext
# Expected mode of connection. Possible values are: AcraServer or AcraTranslator. Corresponded connection host/port/string/session_id will be used.
mode: AcraServer
# Expected Server Name (SNI) from AcraServer
# Set authentication mode that will be used in TLS connection with AcraServer/AcraTranslator. Values in range 0-4 that set auth type ( Default is tls.RequireAndVerifyClientCert
tls_auth: 4
# Path to root certificate which will be used with system root certificates to validate AcraServer's certificate
# Path to certificate
# How many CRLs to cache in memory (use 0 to disable caching)
tls_crl_cache_size: 16
# How long to keep CRLs cached, in seconds (use 0 to disable caching, maximum: 300 s)
tls_crl_cache_time: 0
# Put 'true' to check only final/last certificate, or 'false' to check the whole certificate chain using CRL
tls_crl_check_only_leaf_certificate: false
# How to treat CRL URL described in certificate itself: <use|trust|prefer|ignore>
tls_crl_from_cert: prefer
# URL of the Certificate Revocation List (CRL) to use
# Path to private key that will be used in TLS handshake with AcraServer
# Put 'true' to check only final/last certificate, or 'false' to check the whole certificate chain using OCSP
tls_ocsp_check_only_leaf_certificate: false
# How to treat OCSP server described in certificate itself: <use|trust|prefer|ignore>
tls_ocsp_from_cert: prefer
# How to treat certificates unknown to OCSP: <denyUnknown|allowUnknown|requireGood>
tls_ocsp_required: denyUnknown
# OCSP service URL
# Export trace data to jaeger
tracing_jaeger_enable: false
# Export trace data to log
tracing_log_enable: false
# Disable checking that connections from app running from another user
user_check_disable: false
# Log to stderr all INFO, WARNING and ERROR logs
v: false