routinator 0.13.2

An RPKI relying party software.
# Routinator Configuration
#
# The configuration file is a TOML file. It consists of a sequence of
# key-value pairs, each on its own line. Strings are to be enclosed in
# double quotes. Lists of values can be given by enclosing a
# comma-separated sequence of these values in square brackets.
#
# See https://github.com/toml-lang/toml for detailed information on the
# format.
#
# This file contains all configuration settings with explanations and their
# default values.

# Repository directory
#
# This is where Routinator stores the local copy of the RPKI repository.
# Any relative path is interpreted with respect to the directory this config
# lives in.
#
# The stored data is fetched from third-party publication points and is the
# input to validation, so the directory should be writable only by the
# account Routinator runs as.
#
# This setting is mandatory. The "..." below is a placeholder and has to be
# replaced with an actual path.
#
repository-dir = "..."

# Do not use bundled RIR TALs.
#no-rir-tals = false

# Use additional bundled TALs.
#tals = [ "apnic-testbed", "nlnetlabs-testbed" ]

# Directory with additional TALs.
#
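# All the files with the extension ".tal" in this directory are treated as
# trust anchor locators for RPKI validation. Since every such file becomes a
# trust anchor, the directory should be writable only by trusted
# administrators.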
#
# A relative path is interpreted with respect to the directory this config
# lives in.
#
#extra-tals-dir = "..."

# Local exceptions files
#
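# This setting contains an array of paths to files that contain local
# exceptions. The files are JSON files according to RFC 8416 (aka SLURM).
# Local exceptions override the validated data, so these files should be
# protected against modification by other users.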
#exceptions = []

# Strict mode
#
# In strict mode, Routinator will stick to the requirements in the respective
# RFCs very strictly. See
# https://github.com/NLnetLabs/rpki-rs/blob/master/doc/relaxed-validation.md
# for information on what is allowed when strict mode is off.
#strict = false

# Policy for stale objects
#
# Manifests and CRLs have a field called next-update which states the time
# when a new object should be published. If an object remains past that time,
# it is considered stale.
#
# This option defines how to deal with such stale objects. It can be one of
# three values: "reject" means all stale objects are rejected as invalid,
# "warn" means that they are accepted but a warning is logged, and "accept"
# means they are just accepted.
#
# Note that rejecting stale manifests and CRLs results in all objects of the
# issuing CA being rejected, too, including all child CAs. Conversely,
# accepting stale objects means outdated data keeps being used if a
# repository stops publishing updates or an old copy is served again.
#stale = "warn"

# Allow dubious host names in rsync and RRDP URIs.
#
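# By default, Routinator will filter out URIs with host names that shouldn't
# appear in public URIs. This option can be used to disable this filtering.
# The URIs are taken from published RPKI data, so disabling the filter allows
# that data to direct fetches at non-public hosts. Leave it off unless you
# are working with a private test repository.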
#allow-dubious-hosts = false

# Disable rsync
#
# If you don't want to use rsync -- which is not advised as there are
# rsync-only repositories -- you can set this to true.
#disable-rsync = false

# Rsync command
#
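# This is the command to run as rsync. This is only the command, no options.
# Giving an absolute path avoids depending on the PATH of the environment
# Routinator is started from.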
#rsync-command = "rsync"

# Rsync arguments
#
# This is a list of arguments to give to rsync.
#rsync-args = []

# Number of parallel rsync commands
#
# This is the maximum number of rsync commands that are run in parallel.
# We are not sure if the current default is any good. Feedback on whether
# it is causing trouble or whether a higher value would even be fine is very
# much appreciated.
#
#rsync-count = 4

# Number of validation threads
#
# The number of threads that are used for validating the repository. The
# default value is the number of CPUs.
#validation-threads = NUMBER

# Refresh interval
#
# How often the repository should be updated and validated in RTR mode.
# Specifically, this is the number of seconds the process will wait after
# having finished validation before starting the next update.
#
# The default is the value indirectly recommended by RFC 8210.
#refresh = 3600

# RTR retry interval
#
# This is the time in seconds an RTR client is told to wait before retrying
# a failed query.
#retry = 600

# RTR expire interval
#
# This is the time an RTR client is told to keep using data if it can't
# refresh it.
#expire = 7200

# History size
#
# The number of deltas to keep. If a client requests an older delta, it is
# served the entire set again.
#
# There was no particular reason for choosing the default ...
#history-size = 10

# Listen addresses for RTR TCP transport.
#
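# This is an array of strings, each string a socket address of the form
# "address:port" with IPv6 address in square brackets.
#
# Plain TCP transport provides no authentication or encryption. When
# listening on anything other than the loopback address, limit access to the
# routers that need it, e.g. with a firewall or a management network.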
#rtr-listen = ["127.0.0.1:3323"]

# Listen addresses for Prometheus HTTP monitoring endpoint.
#
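# This is an array of strings, each string a socket address of the form
# "address:port" with IPv6 address in square brackets.
#
# Bind this to a loopback or management address, or restrict access with a
# firewall, so that only the monitoring system can reach the endpoint.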
#
# Port 9556 is allocated for the routinator exporter.
# https://github.com/prometheus/prometheus/wiki/Default-port-allocations
#
#http-listen = ...

# Log level
#
# The maximum log level ("off", "error", "warn", "info", or "debug") for
# which to log messages.
#log-level = "warn"

# Log target
#
# Where to log to. One of "stderr" for stderr, "syslog" for syslog, or "file"
# for a file. If "file" is given, the "log-file" field needs to be given, too.
#
# Can also be "default", in which case "syslog" is used in daemon mode and
# "stderr" otherwise.
#log = "default"

# Syslog facility
#
# The syslog facility to log to if syslog logging is used.
#syslog-facility = "daemon"

# Log file
#
# The path to the file to log to if file logging is used. If the path is
# relative, it is relative to the directory this config file lives in.
#log-file = ...

# Daemon PID file
#
# When in daemon mode, Routinator can store its process ID in a file given
# through this entry. It will keep that file locked while running. By default,
# no pid file is used.
#pid-file = ...

# Daemon working directory
#
# If this entry is given, the daemon process will change its working directory
# to this directory. Otherwise it remains in the current directory.
#working-dir = ...

# Daemon Chroot
#
# If this entry is given, the daemon process will change its root directory to
# this directory. Startup will fail if any of the other directories given is
# not within this directory.
#chroot = ...

# TAL Labels
#
# In some output formats, such as CSV, the trust anchor a statement is derived
# from is included for each statement. Normally, it is represented by the
# name of its TAL file sans the extension (i.e., "foo.tal" will be
# represented by "foo").
#
# In order to allow full compatibility with the RIPE NCC Validator's output,
# you can use this option to provide alternative labels. The value maps the
# file name (this time including the extension) to its label.
#
# The following will result in the same TAL labels as used by default by the
# RIPE NCC Validator for the TALs included with Routinator.
#tal-labels = [
#    ["afrinic.tal", "AFRINIC RPKI Root"],
#    ["apnic.tal", "APNIC RPKI Root"],
#    ["arin.tal", "ARIN RPKI Root"],
#    ["lacnic.tal", "LACNIC RPKI Root"],
#    ["ripe.tal", "RIPE NCC RPKI Root"],
#]