docs/parados.conf.5@master

master uint/parados / docs / parados.conf.5
  1.Dd January 31, 2026
  2.Dt PARADOS.CONF 5
  3.Os
  4.Sh NAME
  5.Nm parados.conf
  6.Nd configuration file for parados
  7.Sh DESCRIPTION
  8The
  9.Nm
 10file configures
 11.Xr parados 1 .
 12.Pp
 13The file format is line-oriented. Each non-empty,
 14non-comment line is a key/value pair int he form:
 15.Bd -literal -offset indent
 16key=value
 17.Ed
 18.Pp
 19Whitespace around keys and values ignored.
 20Lines beginning with
 21.Sq #
 22are comments and are ignored.
 23Unknown keys are ignored but logged.
 24.Sh FILES
 25.Bl -tag -width Ds
 26.It Pa /etc/parados.conf
 27System-wide configuration file.
 28.It Pa ./parados.conf
 29Fallback configuration file in the current working
 30directory.
 31.El
 32.Sh PARAMETERS
 33.Bl -tag -width Ds
 34.It Ic media_dir
 35Directory containing all media files. The library is built
 36by recursively scanning this directory at startup.
 37.Pp
 38Example:
 39.Bd -literal -offset indent
 40media_dir=/path/to/media
 41.Ed
 42.It Ic server_addr
 43Address to bind the HTTP server to.
 44Use
 45.Cm 127.0.0.1
 46to listen on the local host only. This is recommended if a
 47web interface is being hosted on the same machine; exposing
 48the server to the network may unnecessarily increase risk.
 49Use
 50.Cm 0.0.0.0
 51to listen on all IPv4 interfaces.
 52.Pp
 53Example:
 54.Bd -literal -offset indent
 55server_addr=0.0.0.0
 56.Ed
 57.It Ic server_port
 58TCP port to listen on.
 59.Pp
 60Example:
 61.Bd -literal -offset indent
 62server_port=8088
 63.Ed
 64.It Ic verbose_log
 65Enable or disable verbose logging.
 66Accepted values are
 67.Cm 1 ,
 68.Cm 0 ,
 69.Cm true ,
 70.Cm false ,
 71.Cm yes ,
 72and
 73.Cm no
 74(case-insensitive).
 75.Pp
 76Example:
 77.Bd -literal -offset indent
 78verbose_log=true
 79.Ed
 80.It Ic cors_origin
 81Configure Cross-Origin Resource Sharing (CORS) for web
 82clients.
 83.Pp
 84If empty, no CORS headers are sent.
 85If set to
 86.Cm * ,
 87all origins are allowed.
 88Otherwise, the value is interpreted as a
 89comma-separated list of allowed origins (clients that can
 90interact over the web).
 91.Pp
 92Example:
 93.Bd -literal -offset indent
 94cors_origin=http://127.0.0.1:8000
 95.Ed
 96.It Ic http_io_timeout
 97Maximum number of seconds the server will block on a single
 98socket read/write operation.
 99.Pp
100This limits how long a client may stall for while sending a
101request or receiving a response. If the timeout is exceeded,
102the connection is closed.
103.Pp
104This option is used to protect against stalled or
105misbehaving clients. It does not limit the total duration of
106a request or stream.
107.Pp
108Valid values are integers in the range 1 to 300.
109.Pp
110Example:
111.Bd -literal -offset indent
112http_io_timeout=5
113.Ed
114.It Ic max_clients
115Maximum number of concurrent client connections.
116If the limit is reached, new connections receive a
117.Dv 503
118response.
119.Pp
120Valid values are integers in the range 1 to 1024.
121.Pp
122Example:
123.Bd -literal -offset indent
124max_clients=64
125.Ed
126.It Ic auth_delay
127Delay (in ms) before returning
128.Dv 401 Unauthorized
129responses.
130.Pp
131This can slow down brute force login attempts.
132.Pp
133Valid values are non-negative integers 0..
134.Dv INT_MAX .
135A value of
136.Cm 0
137disables the delay.
138.Pp
139Example:
140.Bd -literal -offset indent
141auth_delay=250
142.Ed
143.El
144.Sh AUTHENTICATION
145Authentication entries are specified using repeated groups
146of the keys
147.Ic user ,
148.Ic pass ,
149and
150.Ic allow .
151.Pp
152If no
153.Ic user
154entries are present, authentication is disabled and all files are
155accessible.
156If one or more users are present, HTTP Basic authentication
157is required for all requests except
158.Pa /ping .
159.Pp
160Each
161.Ic user
162starts a new authentication entry. The following
163.Ic pass
164and
165.Ic allow
166lines apply to that user until the next
167.Ic user
168line.
169.Bl -tag -width Ds
170.It Ic user
171Set the username for a new authentication entry.
172.Pp
173Example:
174.Bd -literal -offset indent
175user=glenda
176.Ed
177.It Ic pass
178Set the password for the most recently declared user. If
179empty, the account is passwordless and accepts only an empty
180password.
181.Pp
182Example:
183.Bd -literal -offset indent
184pass=secret
185.Ed
186.It Ic allow
187Add an allowed path prefix for the most recently declared
188user. Multiple
189.Ic allow
190directives may be used.
191.Pp
192A value of
193.Cm *
194allows all paths. Otherwise, the value must match the
195beginning of a file's relative path. Directory boundaries
196are respected.
197.Pp
198Example:
199.Bd -literal -offset indent
200allow=Media/
201allow=Music/
202.Ed
203.El
204.Sh EXAMPLES
205Minimal configuration:
206.Bd -literal -offset indent
207media_dir=/path/to/media
208server_addr=127.0.0.1
209server_port=8088
210verbose_log=true
211cors_origin=
212auth_delay=0
213.Ed
214.Pp
215Two users with separate access:
216.Bd -literal -offset indent
217user=glenda
218pass=pass123
219allow=Media/
220allow=Music/
221
222user=bob
223pass=
224allow=TV/NBA/
225.Ed
226.Pp
227Single passwordless administrative user with full access:
228.Bd -literal -offset indent
229user=admin
230pass=
231allow=*
232.Ed
233.Sh SEE ALSO
234.Xr parados 1 ,
235.Xr parados 7
236.Sh AUTHORS
237.An Abhinav Prasai
238