# Configuration Guide: `config.toml`

The `config.toml` file stores the persistent configuration for a Bauxite node. It is typically generated by the `join` command.

## Section: `[node]`

- `id`: The unique identifier for this node.
- `virtual_ip`: The assigned IP address within the mesh (assigned by the Hub).
- `discovery_server_id`: (ROS 2) Unique ID used for the FastDDS Discovery Server.
- `viewer_ip`: (Optional) Target virtual IP for mobile telemetry streaming.
- `jurisdiction`: (Optional) Sovereignty marker used for data residency and policy checks.

## Section: `[network]`

- `mode`: Networking mode (typically `p2p`).
- `listen_port`: The UDP port for mesh traffic (default: `51820`).
- `psk`: Pre-shared key for initial packet verification.
- `static_peer`: (Optional) Address of a static peer to bootstrap connectivity.
- `stun_url`: The STUN server used for NAT discovery (e.g., `stun:stun.l.google.com:19302`).
- `turn_url`: (Optional) TURN server for relaying traffic if P2P hole punching fails.
- `turn_user`: (Optional) Username for TURN authentication.
- `turn_pass`: (Optional) Password for TURN authentication.
- `cipher`: Encryption algorithm to use. Options: `chacha20-poly1305` (default), `aes256-gcm` (required for FIPS), `none` (unencrypted - use with caution).
- `outbound_only`: (Optional) If true, the node will not accept incoming hole punching requests.
- `session_lease_ttl_secs`: (Optional) Time-to-live for P2P session keys before rotation.
- `intent_port`: (Optional) Port for the intent gRPC service (default: `50052`).
- `intent_socket_path`: (Optional) Path to the intent Unix socket.

## Section: `[hub]`

- `url`: The address of the Control Plane (gRPC).
- `join_token`: (Optional) Token used during the initial join process.
- `public_key`: The Hub's public key for signature verification.

## Section: `[security]`

- `ca_path`: Path to the Root CA certificate.
- `cert_path`: Path to this node's signed mTLS certificate.
- `key_path`: Path to this node's private sovereign key.
- `dev_skip_tls_verification`: (Optional) Skip TLS certificate verification in development (default: `false`).

## Section: `[ebpf]`

eBPF data-plane offload configuration. Defaults to disabled.

- `enabled`: Whether eBPF data-plane offload is enabled (default: `false`).
- `tier_preference`: Tier preference — `auto`, `skmsg`, `kprobe`, or `none` (default: `auto`).
- `shm_path`: Shared memory pool path (default: `/dev/shm/bauxite_ipc_pool`).
- `shm_pool_size_mb`: Total pool size in MB (default: `64`).
- `small_slot_size_kb`: Small slot size in KB (default: `4`).
- `large_slot_size_kb`: Large slot size in KB (default: `64`).
- `num_small_slots`: Number of small slots (default: `512`).
- `num_large_slots`: Number of large slots (default: `64`).
- `watchdog_interval_ms`: Watchdog interval in milliseconds (default: `250`).
- `slot_expiry_ms`: Slot expiry time in milliseconds (default: `5000`).
- `utilization_guard`: Utilization guard threshold, 0.0–1.0 (default: `0.9`).

## Section: `[qos]`

Bauxite uses these settings to automatically prioritize traffic lanes:

- `high_ports`: Ports mapped to the **Critical** lane (e.g., `[5004, 5005]`).
- `medium_ports`: Ports mapped to the **Telemetry** lane.
- `high_queue`: Maximum depth of the high-priority queue.
- `medium_queue`: Maximum depth of the medium-priority queue.
- `low_queue`: Maximum depth of the low-priority queue.
- `medium_burst`: Number of telemetry packets allowed to burst per scheduler cycle.
- `low_burst`: Number of bulk packets allowed to burst per scheduler cycle.

## Section: `[ml]` (Optional)

- `enabled`: Set to `true` to enable the ML sidecar.
- `triton_url`: gRPC URL of the NVIDIA Triton server.
- `zero_copy_shm`: Name of the POSIX shared memory region.
- `shm_size_mb`: Size of the shared memory region in MB.
- `vlm_model_name`: Name of the model to use for visual inference.
- `offload_target_node`: ID of a remote node to offload inference tasks to (default: `""`).
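
Several of the `[network]`, `[hub]` and `[security]` settings above weaken or expose a node if left in a development state. The following pre-deployment check is an added example, not part of Bauxite: the function names, the `require_fips` switch and the policy that a file holding secrets must not be group- or world-readable are assumptions of this example.

```python
import os
import stat

# Secret-bearing keys named in the guide, as (section, key).
SECRET_KEYS = [("network", "psk"), ("network", "turn_pass"), ("hub", "join_token")]


def audit(cfg, require_fips=False):
    """Return (section.key, message) findings for a parsed config dict."""
    findings = []
    net = cfg.get("network", {})
    sec = cfg.get("security", {})
    # The guide gives chacha20-poly1305 as the default when `cipher` is unset.
    cipher = net.get("cipher", "chacha20-poly1305")
    if cipher == "none":
        findings.append(("network.cipher", "mesh traffic is unencrypted"))
    elif require_fips and cipher != "aes256-gcm":
        findings.append(("network.cipher", "FIPS requires aes256-gcm"))
    if sec.get("dev_skip_tls_verification", False):
        findings.append(("security.dev_skip_tls_verification",
                         "TLS certificate verification is skipped"))
    return findings


def secrets_exposed(cfg, path):
    """List secret keys set in cfg if `path` is readable by group or others."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if not mode & (stat.S_IRGRP | stat.S_IROTH):
        return []
    return [f"{s}.{k}" for s, k in SECRET_KEYS if cfg.get(s, {}).get(k)]


# Constructed sample, not a real deployment's config.
SAMPLE = """
[network]
cipher = "none"
psk = "EXAMPLE-PSK"

[security]
dev_skip_tls_verification = true
"""

if __name__ == "__main__":
    import tomllib  # standard library from Python 3.11
    for key, msg in audit(tomllib.loads(SAMPLE), require_fips=True):
        print(f"{key}: {msg}")
```

Pass the real file path to `secrets_exposed` alongside the parsed config to cover `psk`, `turn_pass` and `join_token`.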