xah30/AuraVPN
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fe618b839d7c4e56907d93c8a476eea4a9fbea80
AuraVPN/config/server.toml.example
T
xah30 fe618b839d feat(cli): v3.1 multi-hop runtime — circuit client + relay rendezvous 
Completes v3.1 multi-hop / onion routing (2 hops: client → entry-relay →
exit-server). Combined with the scaffold commit (6c14c0d), the property
holds: entry-relay knows the client IP + client_id but cannot decrypt the
data; exit knows the destination but sees the relay's IP as source.

- aura-cli::circuit: dial_circuit(&[entry, exit], proto_cfg, udp_opts) →
  CircuitConnection. Connects to entry as a normal UdpClient, sends an
  ExtendBridge control envelope, awaits CircuitReady, then runs a SECOND
  Aura handshake to the exit through a local loopback UDP proxy — the
  forwarder ferries datagrams between that proxy socket and the outer
  relay PacketConnection. The inner handshake therefore authenticates the
  EXIT cert (verified by the integration test asserting
  circuit.peer_id() == "localhost-exit"); the relay never sees the inner
  session keys.
- aura-cli::relay: rendezvous(conn, whitelist) -> Bridged{bridge} |
  Fallback{first_pkt} | Refused. 2-second window after handshake to receive
  ExtendBridge. Whitelist enforced; CircuitFailed on miss. Empty whitelist
  logs a warning and runs open. Timeout / non-control → Fallback so the
  same server can be both relay (for circuit clients) and exit (for direct
  clients) simultaneously.
- aura-cli::client: when [client.circuit] enabled → dial_circuit; falls
  back to normal aura_transport::dial when disabled.
- aura-cli::server: relay rendezvous wired before pool/CRL/router path.
  run_bridge spawns two forwarder tasks (conn↔bridge UDP socket).
- 3 integration tests: end-to-end (with peer_id assertion), whitelist
  rejection, back-compat (relay disabled → Err). 3 unit tests in relay.rs.

Workspace: 253 tests passed (247 baseline + 6 new), clippy -D warnings clean,
fmt clean. No new workspace deps. All 28 tracked tasks (v1 + v2 + v3.1) now
complete.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-27 13:16:07 +03:00

147 lines
7.8 KiB
TOML
Raw Blame History

# Aura VPN server configuration (project §9).
# Copy to server.toml and adjust. Paths may begin with `~` (expands to your home directory).
[server]
# Human-readable name (also the server's inner-handshake identity).
name = "aura-edge-1"
# UDP socket to listen on. ":443" mimics HTTPS; binding it needs privileges.
listen = "0.0.0.0:443"
# Accept workers (advisory in v1).
workers = 4
# Optional: drop privileges to this non-root user AFTER the TUN, low-port sockets and any
# [server.nat] commands have been applied. Recommended on production hosts so the long-running
# accept loop does not stay as root. Linux uses setresuid/setresgid (full triple-drop); macOS
# uses setgid/setuid; Windows is a no-op (use a service account instead). When omitted (or
# already running as non-root) no privilege change happens.
# run_as = "nobody"
# Suppress identifier fields (peer_id, client_ip, source_addr, ...) from log output. The events
# still fire (so counters and rates are unaffected); only the offending fields are dropped before
# formatting. Default: false. Set to true on production hosts to keep the log file from accumulating
# the per-client identifiers Russian telcos may be compelled to forward on request.
no_logs = false
[pki]
# Trust anchor (the Aura CA) and this server's leaf cert/key, all PEM.
# Generate with: aura pki init --ca-name "Aura CA" --out ~/.aura
# aura pki issue-server --domain vpn.example.com --out ~/.aura --ca ~/.aura
ca_cert = "~/.aura/ca.crt"
cert = "~/.aura/server.crt"
key = "~/.aura/server.key"
[tunnel]
# Address pool / TUN network. v2 reads the active pool config from [server.pool] below; this value
# is kept as the v1-compatible fallback (used when [server.pool] is omitted entirely) and as the
# network the server-side TUN brings up. The server's own TUN IP is the network's first usable host
# (e.g. 10.7.0.1 for 10.7.0.0/24).
pool_cidr = "10.7.0.0/24"
# TUN MTU (leave headroom under the path MTU for QUIC + Aura framing).
mtu = 1420
# DNS server advertised to clients (informational in v1).
dns = "10.7.0.1"
# v2 per-client IP pool. Each authenticated client gets its own address from `cidr`; the server's
# in-memory `client_ip -> connection` map demultiplexes TUN reads by destination IP. Omit the
# whole [server.pool] section to get the v1-compatible fallback: [tunnel] pool_cidr is reused as a
# dynamic-only pool with no static reservations.
[server.pool]
# Pool CIDR. Optional; defaults to [tunnel] pool_cidr when omitted. Must contain the server's own
# TUN address (the network's first host) and every entry in [server.pool.static].
cidr = "10.7.0.0/24"
# Allocation strategy:
# "static_only" — only ids listed in [server.pool.static] are admitted; unknowns refused.
# "dynamic_only" — static map is ignored; everyone gets the next free address.
# "static_or_dynamic" — static reservation wins; unknown ids get a dynamic address (default).
strategy = "static_or_dynamic"
# Optional `client_id -> ip` pinnings. The key is the verified Common Name from the client's
# certificate (see `aura pki issue-client --id <name>`); the value must lie inside `cidr` above and
# must not collide with the server's own address or another reservation.
[server.pool.static]
# "phone-1" = "10.7.0.20"
# "laptop-1" = "10.7.0.21"
# v2 auto-NAT: when `auto = true`, the server enables IPv4 forwarding at startup and adds a
# MASQUERADE / pf-NAT rule for the address pool on the given egress interface, and rolls every
# change back on shutdown (RAII guard inside `aura server`). Supported on Linux (sysctl +
# iptables) and macOS (sysctl + pfctl). Omit the whole [server.nat] section to keep the v1
# behaviour where the operator configures forwarding by hand. There is no egress-interface
# auto-detection in v1 — `egress_iface` is required when `auto = true`.
#
# IPv6 forwarding / ip6tables / nftables are NOT configured in v1 (TODO for v3).
#
# [server.nat]
# auto = true
# egress_iface = "eth0" # required when auto = true
# dry_run = false # set to true to only log the planned commands without executing them
[mimicry]
# Outer-TLS camouflage hostname the server presents/expects.
sni = "cdn.example.com"
# Enable traffic padding to blend packet sizes into HTTPS buckets.
padding = true
[transport]
# Aura's own post-quantum transport runs over plain UDP (primary), with TCP/443 and QUIC (HTTP/3
# mimicry) as fallbacks. On the server, `order` selects exactly which transports are bound and
# accepted simultaneously. Omitting this whole section enables udp/tcp/quic on 443/443/444.
order = ["udp", "tcp", "quic"]
# The UDP transport and QUIC both ride UDP, so udp_port and quic_port MUST differ. TCP may reuse the
# UDP port number (different protocol). Ports bind on the IP from [server] listen above.
udp_port = 443
tcp_port = 443
quic_port = 444
# UDP: pad datagrams up to HTTPS size buckets to blur the on-wire size distribution.
obfuscate = true
# TCP: prepend a minimal HTTP/1.1 preamble (Host = [mimicry] sni) so the open resembles plain HTTP.
masquerade = true
[transport.masks]
# Daily protocol-mask rotation. When `true`, every day at 05:00 MSK (= 02:00 UTC) the server
# derives a new (SNI, User-Agent, Server-header, padding-profile) tuple from
# HKDF-SHA256(CA-fingerprint, MSK-date) and applies it to new connections — the client derives the
# same tuple independently from the CA fingerprint it already trusts, so no wire coordination is
# needed. Existing connections keep the mask they accepted with. Default: true.
# When `false`, the static values above ([mimicry] sni, [transport] obfuscate, ...) are used as-is.
enabled = true
[transport.knock]
# UDP port-knocking. When `enabled = true`, the UDP transport demands a 16-byte HMAC prefix on
# every HS datagram, derived from `knock_secret_source` (`"ca_fingerprint"` = SHA-256 of the CA
# cert DER). To a passive scanner the listening UDP port looks closed. Default: false.
enabled = false
knock_secret_source = "ca_fingerprint"
[transport.cover]
# Idle-time cover traffic. When `enabled = true`, an established UDP connection periodically
# injects encrypted Ping frames during idle windows so the on-wire byte rate stays roughly
# constant. `mean_interval_ms` controls how often the chaffer wakes up; `jitter` is the
# uniform-random fraction applied (e.g. 0.5 = ±50%). Default: disabled.
enabled = false
mean_interval_ms = 500
jitter = 0.5
# v3.1 multi-hop / onion routing: turn THIS server into an **entry-relay** that can splice an
# inbound client connection to a downstream **exit-server**. Right after the inner Aura
# handshake completes, the relay waits up to 2 seconds for the client to send a single
# ExtendBridge control envelope describing the downstream exit's IP:port. When the address is
# on `allow_extend_to`, the relay opens a `connect()`ed UDP socket to that exit, replies
# CircuitReady, and forwards every byte verbatim — the inner client↔exit handshake travels
# through the relay opaquely, so the relay never sees destination IPs or plaintext bytes.
#
# The connection in that role is NOT registered with the IP pool / [`ServerRouter`]; bridged
# peers do not consume a tunnel address. If no ExtendBridge arrives within 2s the connection
# falls back to the normal VPN-client path (so one server can serve both roles on one port).
# v3.1 only supports the UDP transport for relay hops.
#
# Omitting the whole [server.relay] section (or `enabled = false`) keeps the v2 behaviour intact.
# [server.relay]
# enabled = true
# Whitelist of allowed downstream exit addresses. ONLY literal IP:port entries; DNS resolution
# is NOT performed in v3.1 (unparsable entries are logged at WARN and skipped). An empty list
# turns this server into an OPEN relay accepting any downstream — dangerous; the runtime logs
# a WARN on each accepted bridge.
# allow_extend_to = [
# "198.51.100.5:443", # the exit you operate
# "203.0.113.10:443",
# ]
Reference in New Issue View Git Blame Copy Permalink