Homedir
Ruzor uses ~/.ruzor when HOME is set, otherwise /etc/ruzor. Relative paths from configuration files resolve inside the homedir.
| File | Purpose |
|---|---|
servers | Client server list, one host:port per line. |
accounts | Client account credentials for authenticated servers. |
whitelist | Client-side digest whitelist. |
ruzord.passwd | Server account key database. |
ruzord.access | Server ACL rules. |
ruzord.db | Default gdbm digest database. |
Client Configuration
[client]
ServersFile = servers
AccountsFile = accounts
LogFile = client.log
LocalWhitelist = whitelist
Timeout = 5
Style = msg
ReportThreshold = 0
WhitelistThreshold = 0
Server Configuration
[server]
Port = 24441
ListenAddress = 0.0.0.0
LogFile = pyzord.log
UsageLogFile = pyzord-usage.log
PidFile = ruzord.pid
PasswdFile = ruzord.passwd
AccessFile = ruzord.access
Engine = gdbm
DigestDB = ruzord.db
CleanupAge = 0
ProxySources = public.pyzor.org
Threads = false
Processes = false
PreFork = 0
ProxySources is optional. It mirrors --proxy-source, accepts comma-separated host[:port] sources, and only affects local check misses. Positive upstream matches are cached locally; empty matches and upstream errors are skipped.
Accounts
Accounts let a server grant permissions beyond anonymous defaults. The user generates a salt and key, stores salt plus key in the client accounts file, and sends only the key material to the server operator.
ruzor genkey
# ~/.ruzor/accounts
public.ruzor.org : 24441 : alice : SALT,KEY
# /var/lib/ruzor/ruzord.passwd
alice : KEY
Access File
If no access file exists, anonymous users may check, report, ping, pong, and info. Whitelisting is denied by default.
# Allow anonymous checks and reports.
check report ping pong info : anonymous : allow
# Allow one authenticated user to whitelist too.
check report ping pong info whitelist : alice : allow
# Deny rule example.
whitelist : anonymous : deny