-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
modoh-server.toml
160 lines (134 loc) · 8.82 KB
/
modoh-server.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
## Configuration file for the (M)ODoH proxy
## We should note that this proxy is always used with TLS termination reverse proxy in front of it.
## This proxy is not designed to be exposed to the internet directly.
## Listen address [default: "0.0.0.0"]
listen_address = "0.0.0.0"
## Listen port [default: 8080]
listen_port = 8080
## Serving hostname [default: "localhost"]
## This will be used to check host header of incoming requests.
hostname = "modoh.example.com"
## Either one or both of [target] and [relay] must be specified
## Target configuration
[target]
## Target serving path [default: "/dns-query"]
path = "/dns-query"
## Upstream resolver address with port [default: "8.8.8.8:53"]
upstream = "8.8.8.8:53"
## (Optional) TTL for errors, in seconds
error_ttl = 2
## (Optional) Maximum TTL, in seconds
max_ttl = 604800
## (Optional) Minimum TTL, in seconds
min_ttl = 10
## Relay configuration
[relay]
## Relay serving path [default: "/proxy"]
path = "/proxy"
## Maximum number of subsequent nodes (relays and target resolver) [default: 3]
max_subsequent_nodes = 3
## (Optional) User agent string to be sent to the next relay/resolver [default "modoh-server/<VERSION>"]
# forwarder_user_agent = "whatever"
## (Optional, but highly reccomended to set)
## Validation of source, typically user clients, using Id token
[validation]
## Token validation method, multiple methods can be configured
[[validation.token]]
## Token API endpoint
token_api = "https://example.com/v1.0"
## Token issuer, which will be evaluated as `iss` claim of the token
## If not specified, token_api_endpoint will be used as token issuer
token_issuer = "https://example.com/v1.0"
## Allowed client Ids, which will be evaluated as `aud` claim of the token
client_ids = ["client_id_1", "client_id_2"]
## (Optional, but highly reccomended to set)
## Access control of source, typically relays, using source ip address and nexthop destination domain
[access]
## Allowed source ip addrs
## (TODO: from dns, should we fetch addrs associated with a given list of authorized relay domains? but such addresses may be compromised)
## This is evaluated when no authorization header is given in the request or no token validation is configured.
## This happens typcially for forwarded requests from a relay, not a client.
allowed_source_ips = [
"127.0.0.1",
"192.168.1.1",
"192.168.1.2",
"192.168.11.0/24",
]
## Trusted CDNs and proxies ip ranges that will be written in X-Forwarded-For / Forwarded header
trusted_cdn_ips = ["192.168.123.0/24"]
# trusted_cdn_ips_file = "/etc/cdn_ips.txt" # for docker
trusted_cdn_ips_file = "./cdn_ips.txt"
# Always trust previous hop ip address, retrieved from remote_addr.
# We set [default = true], since we assume that this application is always located internal network and exposed along with a TLS reverse proxy.
# (the previous hop is always trusted)
# If you set this to false, you should put your proxy address in trusted_cdn_ips or trusted_cdn_ips_file.
trust_previous_hop = true
## Allowed next destination target and relay domains, evaluated only when the destination is not httpsig-enabled.
allowed_destination_domains = ["example.com", "example.net", "*.example.org"]
## Configuration for HTTP message signatures, which is used to
## - verify if the incoming request is from one of the httpsig-enabled domains,
## - sign outgoing (relayed) requests when the next node is one of the httpsig-enabled domains.
## Note that Source IP address is prioritized over the signature verification.
## The signed request is dispatched to the next hop when the destination domain is in the `allowed_destination_domains` (with public key-based signature)
## or it supports DHKex-based signature (with DHKex-based signature) since it explicitly specify the destination in the config.
## If you need to sign the request for any destination domains with public key-based signature, you should make the `allowed_destination_domains` to be empty.
## Note that in such a case, no signature is appended to the outgoing request when public-key-based signature is unavailable
## and the destination domain does not support DHKex-based signature.
## If [access.httpsig] is not specified, the signature verification is not performed, and public key is not served at endpoint.
[access.httpsig]
## Key types used for httpsig verification
## - Asymmetric key for public-key-based signature like ed25519, ecdsa-p256-sha256 (es256).
## - Diffie-Hellman key exchange for hmac-sha256 (hs256) signature.
## These are automatically generated and exposed at `/.well-known/httpsigconfigs` endpoint.
## default = ["hs256-x25519-hkdf-sha256"],
## supported = "hs256-p256-hkdf-sha256" (h256 via ecdh), "hs256-x25519-hkdf-sha256" (h256 via ecdh), "ed25519", and "es256"
## The DH key type is first used for signing only if available according to the target domain.
## If not available for the domain, the public key type is used for signing if the type exists in the list.
key_types = ["dhp256-hkdf-sha256", "x25519-hkdf-sha256"]
## Public key rotation period in seconds.
## Keys are periodically rotated and exposed to mitigate the risk of key compromise.
## (default = 3600)
key_rotation_period = 3600
## List of HTTP message signatures enabled domains, which expose public keys
## to directly verify public key signatures or to use Diffie-Hellman key exchange for hmac signature.
## Keys are periodically refetched from `/.well-known/httpsigconfigs` endpoints of the domains.
## (default = [])
## Note that the for DHKex, the destination domain filtering is always bypassed for dh_signing_target_domain even if `allowd_destination_domains` does not coincide with `httpsig.enabled_domains`.
enabled_domains = [
## In this example, httpsig configs are fetched from `https://httpsig.example.com/.well-known/httpsigconfigs` endpoint.
## Then, if the fetched configs contains ones for DH based signature, requests dispatched to `*.example.com` are signed with DH based signature.
## For public key based signature, the fetched configs are used only to verify the incoming requests, `dh_signing_target_domain` is not used.
{ configs_endpoint_domain = "httpsig.example.com", dh_signing_target_domain = "*.example.com" },
## If only configs_endpoint_domain is specified, it is used for both fetching and DH signing target.
## Namely the below is equivalent to `{ configs_endpoint_domain = "modoh.example.net", dh_signing_target_domain = "modoh.example.net" }`.
{ configs_endpoint_domain = "modoh.example.net" },
{ configs_endpoint_domain = "modoh.example.org" },
]
## Registry of httpsig enabled domains with public keys, which are served at the given md_url.
## For the served markdown file, minisign signature is served as a file `<markdown_name>.md.minisig`.
## The httpsig enabled domains listed in the markdown file are periodically fetched and updated (default = 300 secs).
## The fetched list is merged with the enabled_domains list.
enabled_domains_registry = [
{ md_url = "https://example.com/httpsig-endpoints.md", public_key = "minisign public key" },
# { md_url = "file:///path/to/httpsig-endpoints.md", public_key = "minisign public key" },
]
## Accept signatures generated with previously exposed public keys for DHKex+HKDF+HMAC. (default = true)
## Considering the key rotation period, there exist a gap between the time when a new key is exposed and the time when other nodes fetch the new key.
## The new exposed key is not used at the external node for signing until the time when the new key is fetched.
## This option accepts the signature generated with the previous key for the time gap.
accept_previous_dh_public_keys = true
## Force HTTP Signature verification for all requests unless the ID token is given in the http header (default = false)
## By default (false), the signature verification is performed only when the source ip address is not in the allowed_source_ips list.
force_verification = false
## Always ignore the result of signature verification. (default = false)
## By default (false), if the signature verification is failed for given key id, the request is immediately rejected.
## If set to true, the signature verification is performed, but the request is always processed regardless of the result.
## Usefull for debugging or testing.
ignore_verification_result = false
## By default, the signature verification is not performed for the requests from the allowed source ip addresses.
## But if `force_verification` is set to true, the signature verification is performed for all requests.
## This option is used to ignore the result of signature verification for the requests from the allowed source ip addresses.
## In other words, requests from not-allowed source ip addresses are always rejected if the signature verification is failed.
## Even if this is set to true, `ignore_verification_result` is evaluated independently.
## (default = true, but not evaluated if `force_verification` is false)
ignore_verification_result_for_allowed_source_ips = true