[http]
host = "0.0.0.0"
port = 6004
# Whether the server is behind a reverse proxy, like NGINX
proxying = false
# IPs allowed to access the server in proxy mode.
# 99% of the time this will only be 127.0.0.1
proxyAllowedIps = ["127.0.0.1"]
# Whether the Origin header check is enabled.
origin = false
# Origins to accept connections from.
originAllowedDomains = ["computernewb.com"]

[geoip]
# Enables support for showing country flags next to usernames.
enabled = false
# Directory to store and load GeoIP databases from.
directory = "geoip/"
# MaxMind license key and account ID (https://www.maxmind.com/en/accounts/current/license-key)
accountID = ""
licenseKey = ""

[tcp]
# Enabled the raw TCP socket server
# You usually want to leave this disabled
enabled = false
host = "0.0.0.0"
port = 6014

[auth]
# Enables the CollabVM account authentication system
# Requires an authentication server (https://git.computernewb.com/collabvm/CollabVMAuthServer)
enabled = false
apiEndpoint = ""
secretKey = "hunter2"

# When account authentication is enabled, this section defines what guests can and can't do
# Has no effect if auth is disabled
[auth.guestPermissions]
chat = true
turn = false
callForReset = false
vote = true

[vm]
# Configures the type of VM this server will use
# Supported values:
#    "qemu" - Runs a QEMU VM
#    "vncvm" - Connects to an existing VNC server
type = "qemu"

# QEMU options
# Only used if vm.type is set to "qemu"
[qemu]
qemuArgs = "qemu-system-x86_64"
# VNC port to be used for this VM. Must be unique among all VMs. Only used on Windows, as unix sockets are used on Linux.
vncPort = 5900
snapshots = true

# Resource limits. Only works on Linux, with `Delegate=yes` set in your .service file. No-op on other platforms.
#
# cpuUsageMax optionally specifies the max CPU usage as percentage in the common top notation, so 200% means 2 CPUs, 400% is 4 CPUs, 
# so on.
#
# runOnCpus is an optional array that specifies what CPUs the VM is allowed to run on.
# Systemd user slices can not delegate the cpuset controller, meaning this option will *not* work if you do not use a system service.
# (effectively, it will be a loud no-op that logs an error on startup)
#
# limitProcess is optional (default false) and determines if only qemu vCPU threads are put into the cgroup,
# or the entire QEMU process (incl. all its threads). The default behaviour of only limiting vCPU threads
# is more than likely what you want, so the example configuration omits specifying this key.
#
# Commenting this inline table from the configuration disables resource limiting entirely.
resourceLimits = { cpuUsageMax = 100, runOnCpus = [ 2, 4 ] }


# VNC options
# Only used if vm.type is set to "vncvm"
[vncvm]
vncHost = "127.0.0.1"
vncPort = 5900
# startCmd = ""
# stopCmd = ""
# rebootCmd = ""
# restoreCmd = ""

[mysql]
# Configures the MySQL database. This is ONLY required if you use the internal cvmban banning system (configured below)
enabled = false
host = "127.0.0.1"
username = "root"
password = "hunter2"
database = "cvmts"

# This section configures banning users. Note that if you leave this default, banning will NOT function and will be as effective as a kick.
[bans]
# If defined, a command that is run to ban a user from the VM.
# Use $IP to specify an ip and (optionally) use $NAME to specify a username
# bancmd = ""
# If true, enables the internal banning of users using the above MySQL database
cvmban = false

[collabvm]
# Node ID for this server
# Make sure this is unique among all the other nodes in a webapp
node = "acoolvm"
# HTML display name shown on the VM list
displayname = "A <b>Really</b> Cool CollabVM Instance"
# HTML message shown in the chat when a user joins
motd = "welcome!"
# Maximum amount of active connections allowed from the same IP.
maxConnections = 3
# Moderator rank enabled (permissions are defined below)
moderatorEnabled = true
# List of disallowed usernames
usernameblacklist = []
# Maximum length of a chat message
maxChatLength = 100
# Maximum messages in the chat history buffer before old messages are overwritten
maxChatHistoryLength = 10
# Limit the amount of users allowed in the turn queue at the same time from the same IP
turnlimit = { enabled = true, maximum = 1 }
# Temporarily mute a user if they send more than x messages in n seconds
automute = { enabled = true, seconds = 5, messages = 5 }
# How long a temporary mute lasts, in seconds
tempMuteTime = 30
# How long a turn lasts, in seconds
turnTime = 20
# How long a reset vote lasts, in seconds
voteTime = 100
# How long until another vote can be started, in seconds
voteCooldown = 180
# SHA256 sum of the admin and mod passwords. This can be generated with the following command:
# printf "<password>" | sha256sum -
# Example hash is hunter2 and hunter3
adminpass = "f52fbd32b2b3b86ff88ef6c490628285f482af15ddcb29541f94bcf526a3f6c7"
modpass = "fb8c2e2b85ca81eb4350199faddd983cb26af3064614e737ea9f479621cfa57a"
# Whether a password is required to take a turn
turnwhitelist = false
# SHA256 sum for the password to take a turn. Only takes effect if turnwhitelist == true. If set to an empty string or not provided, only admins and mods can take turns
turnpass = ""

# What a moderator can and can't do
[collabvm.moderatorPermissions]
restore = true
reboot = true
ban = true
forcevote = true
mute = true
kick = true
bypassturn = true
rename = true
grabip = true
xss = true