Permalink
Fetching contributors…
Cannot retrieve contributors at this time
275 lines (226 sloc) 8.21 KB
#
# OverSIP - Main Configuration.
#
#
# IMPORTANT:
# This is a YAML [1] format configuration file. DON'T USE tab for indentation
# as it's not allowed and would raise unexpected errors. Instead, respect
# the existing indentation spaces.
# [1] http://en.wikipedia.org/wiki/YAML
core:
# DNS nameserver to use. Note that OverSIP requires a recursive DNS server
# (recommended unbound: a DNS recursive and caching DNS resolver).
# Value can be:
# - An IPv4.
# - An array of IPv4 (for failover).
# - _null_: nameservers in /etc/resolv.conf are used.
# Default value is _null_.
#
nameservers: null
# Syslog facility. Can be "kern", "user", "daemon", "local0"..."local7".
# By default "daemon".
#
syslog_facility: daemon
# Syslog level. Can be "debug", "info", "notice", "warn", "error", "crit".
# By default "info".
#
syslog_level: debug
sip:
# Use SIP over UDP. By default _yes_.
#
sip_udp: yes
# Use SIP over TCP. By default _yes_.
#
sip_tcp: yes
# Use SIP over TLS. By default _yes_.
#
sip_tls: yes
# Enable or disable IPv4. By default _yes_.
#
enable_ipv4: yes
# IPv4 in which OverSIP listens for SIP messages. Using "0.0.0.0" is not
# allowed.
# - Use an IPv4 string for listening in that address.
# - Use _null_ for IP autodiscovery.
# Default value is _null_.
#
listen_ipv4: null
# Advertised IPv4 for Via, Record-Route and Path headers.
# Useful when OverSIP runs behind a NAT and must expose the router public
# IPv4 to the outside.
# Default value is _null_ which means that the local IPv4 is used.
#
advertised_ipv4: null
# Enable or disable IPv6. By default _yes_.
#
enable_ipv6: yes
# IPv6 in which OverSIP listens for SIP messages. Using "::" is not
# allowed.
# - Use an IPv6 string for listening in that address.
# - Use _null_ for IP autodiscovery.
# Default value is _null_.
#
listen_ipv6: null
# Advertised IPv6 for Via, Record-Route and Path headers.
# Useful when OverSIP runs behind a NAT and must expose the router public
# IPv4 to the outside.
# Default value is _null_ which means that the local IPv6 is used.
#
advertised_ipv6: null
# Listening port for SIP over UDP and TCP.
# By default 5060.
#
listen_port: 5060
# Listening port for SIP over TLS.
# By default 5061.
#
listen_port_tls: 5061
# By enabling this option OverSIP does not listen in SIP TLS but, instead,
# runs an instance of Stud TLS proxy which communicates with OverSIP using
# plain TCP.
# By default _yes_.
#
use_tls_tunnel: yes
# The port which listens for TCP traffic from the Stud TLS proxy running in
# this host.
# By default 5062.
#
listen_port_tls_tunnel: 5062
# Call the OverSIP::SipEvents.on_client_tls_handshake() callback when a SIP
# client attemps a TLS handshake with OverSIP.
# By default _yes_.
#
callback_on_client_tls_handshake: yes
# Local domains OverSIP is responsible for. Value can be:
# - A domain.
# - An array of domains.
# - _null_: no one, just local IP's are matched as local destinations.
# Default value is _null_.
#
# local domains: [ example.net, sip.example.org ]
local_domains: null
# TCP keepalive interval (in seconds).
# When acting as a TCP server, OverSIP sends TCP packets with null data payload
# as described in http://tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/.
# If not set, TCP keepalive is disabled.
# Minimun value is 180 seconds. Default value is _null_ (not enabled).
#
tcp_keepalive_interval: 300
# Use a hostname for Record-Route/Path header when using TLS or WSS transports
# over IPv4 (rather than using the server IP). This is good when a peer
# sends us an in-dialog request via TLS so it could check whether the host part
# of the top Route header matches a domain in the certificate we provide to it.
# If not set, the server IPv4 will be used.
# Default value is _null_ (IPv4 is used).
#
# record_route_hostname_tls_ipv4: outbound.example.net
record_route_hostname_tls_ipv4: null
# The same for IPv6.
# If not set, the server IPv6 will be used.
# Default value is _null_ (IPv6 is used).
#
# record_route_hostname_tls_ipv6: outbound.example.net
record_route_hostname_tls_ipv6: null
websocket:
# Use SIP over WebSocket. By default _yes_.
#
sip_ws: yes
# Use SIP over WebSocket with TLS. By default _yes_.
#
sip_wss: yes
# Enable or disable IPv4. By default _yes_.
#
enable_ipv4: yes
# IPv4 in which OverSIP listens for WebSocket messages. Using "0.0.0.0" is not
# allowed.
# - Use an IPv4 string for listening in that address.
# - Use _null_ for IP autodiscovery.
# Default value is _null_.
#
listen_ipv4: null
# Advertised IPv4 for Via, Record-Route and Path headers.
# Useful when OverSIP runs behind a NAT and must expose the router public
# IPv4 to the outside.
# Default value is _null_ which means that the local IPv4 is used.
#
advertised_ipv4: null
# Enable or disable IPv6. By default _yes_.
#
enable_ipv6: yes
# IPv6 in which OverSIP listens for SIP messages. Using "::" is not
# allowed.
# - Use an IPv6 string for listening in that address.
# - Use _null_ for IP autodiscovery.
# Default value is _null_.
#
listen_ipv6: null
# Advertised IPv6 for Via, Record-Route and Path headers.
# Useful when OverSIP runs behind a NAT and must expose the router public
# IPv4 to the outside.
# Default value is _null_ which means that the local IPv6 is used.
#
advertised_ipv6: null
# Listening port for WebSocket over HTTP.
# By default 10080.
#
listen_port: 10080
# Listening port for WebSocket over HTTPS.
# By default 10443.
#
listen_port_tls: 10443
# By enabling this option OverSIP does not listen in WebSocket TLS but, instead,
# runs an instance of Stud TLS proxy which communicates with OverSIP using
# plain TCP.
# By default _yes_.
#
use_tls_tunnel: yes
# The port which listens for TCP traffic from the Stud TLS proxy running in
# this host.
# By default 10444.
#
listen_port_tls_tunnel: 10444
# Call the OverSIP::WebSocketEvents.on_client_tls_handshake() callback when a WebSocket
# client attemps a TLS handshake with OverSIP.
# By default _yes_.
#
callback_on_client_tls_handshake: yes
# WebSocket message max size (bytes). By default 65536.
#
max_ws_message_size: 65536
# WebSocket frame max size (bytes). By default 65536.
#
max_ws_frame_size: 65536
# WebSocket PING frames interval (in seconds).
# If set, OverSIP sends WebSocket PING control frames as the given interval.
# Minimun value is 180. Default value is _null_.
#
ws_keepalive_interval: 300
# TLS parameters affect to any interface of OverSIP using TLS, including SIP and WebSocket.
tls:
# Server TLS public certificate. It must be the name of a readable file containing a
# chain of X509 certificates in PEM format, with the most-resolved certificate at the
# top of the file, successive intermediate certs in the middle, and the root (or CA)
# cert at the bottom.
# If not set, TLS is disabled. Default value is _null_.
# If a relative path is given, it's searched under the tls/ directoy in the OverSIP
# configuration directory (typically /etc/oversip/).
#
public_cert: demo-tls.oversip.net.crt
# Server TLS private certificate. It must be the name of a readable file containing a
# private key in the PEM format.
# If not set, TLS is disabled. Default value is _null_.
# If a relative path is given, it's searched under the tls/ directoy in the OverSIP
# configuration directory (typically /etc/oversip/).
# NOTE: The private key MUST NOT require password.
#
private_cert: demo-tls.oversip.net.key
# Directory of TLS CAs. It must be the name of a readable directory. Every file in
# that directory will be inspected and every X509 certificate in PEM format extracted.
# This is useful for storing the list of trusted CAs (i.e. http://curl.haxx.se/ca/cacert.pem)
# or CAs not in a standard trust hierarchy.
# This is *required* for validating certificates provided by remote peers.
# If _null_ this feature is dssabled. Default value is _null_.
# If a relative path is given, it's searched under the tls/ directoy in the OverSIP
# configuration directory (typically /etc/oversip/).
#
ca_dir: ca/