# Default Repeater Configuration repeater: # Node name for logging and identification node_name: "mesh-repeater-01" # Geographic location (optional) # Latitude in decimal degrees (-90 to 90) latitude: 0.0 # Longitude in decimal degrees (-180 to 180) longitude: 0.0 # Path to identity file (public/private key) # If not specified, a new identity will be generated identity_file: null # Duplicate packet cache TTL in seconds cache_ttl: 3600 # Score-based transmission filtering # Enable quality-based packet filtering and adaptive delays use_score_for_tx: false # Score threshold for quality monitoring (future use) # Currently reserved for potential future features like dashboard alerts, # proactive statistics collection, or advanced filtering strategies. # Changing this value has no effect on current packet processing. score_threshold: 0.3 # Automatic advertisement interval in hours # The repeater will send an advertisement packet at this interval # Set to 0 to disable automatic adverts (manual only via web interface) # Range: 0 (disabled) to 24+ hours # Recommended: 10 hours for typical deployments send_advert_interval_hours: 10 # Respond to discovery requests from other nodes # When enabled, the repeater will automatically respond to discovery packets # with its node information (node type 2 - repeater) allow_discovery: true # Security settings for login/authentication (shared across all identities) security: # Maximum number of authenticated clients (across all identities) max_clients: 1 # Admin password for full access admin_password: "admin123" # Guest password for limited access guest_password: "guest123" # Allow read-only access for clients without password/not in ACL allow_read_only: false # JWT secret key for signing tokens (auto-generated if not provided) # Generate with: python -c "import secrets; print(secrets.token_hex(32))" jwt_secret: "" # JWT token expiry time in minutes (default: 60 minutes / 1 hour) # Controls how long users stay logged in before needing to re-authenticate jwt_expiry_minutes: 60 # Mesh Network Configuration mesh: # Global flood policy - controls whether the repeater allows or denies flooding by default # true = allow flooding globally, false = deny flooding globally # Individual transport keys can override this setting global_flood_allow: true # Multiple Identity Configuration (Optional) # Define additional identities for the repeater to manage # Each identity operates independently with its own key pair and configuration identities: # Room Server Identities # Each room server acts as a separate logical node on the mesh room_servers: # Example room server configuration (commented out by default) # - name: "TestBBS" # identity_key: "your_room_identity_key_hex_here" # type: "room_server" # # # Room-specific settings # settings: # node_name: "Test BBS Room" # latitude: 0.0 # longitude: 0.0 # admin_password: "room_admin_password" # guest_password: "room_guest_password" # Add more room servers as needed # - name: "SocialHub" # identity_key: "another_identity_key_hex_here" # type: "room_server" # settings: # node_name: "Social Hub" # latitude: 0.0 # longitude: 0.0 # admin_password: "social_admin_123" # guest_password: "social_guest_123" radio: # Frequency in Hz (869.618 MHz for EU) frequency: 869618000 # TX power in dBm tx_power: 14 # Bandwidth in Hz (62500 = 62.5 kHz) bandwidth: 62500 # LoRa spreading factor (7-12) spreading_factor: 8 # Coding rate (5-8) coding_rate: 8 # Preamble length in symbols preamble_length: 17 # Sync word (LoRa network ID) sync_word: 13380 # Enable CRC checking crc_enabled: true # Use implicit header mode implicit_header: false # SX1262 Hardware Configuration sx1262: # SPI bus and chip select bus_id: 0 cs_id: 0 # GPIO pins (BCM numbering) cs_pin: 21 reset_pin: 18 busy_pin: 20 irq_pin: 16 # TX/RX enable pins (-1 to disable) txen_pin: -1 rxen_pin: -1 # LED pins for TX/RX indication (-1 to disable) txled_pin: -1 rxled_pin: -1 use_dio3_tcxo: false # Waveshare hardware flag is_waveshare: false delays: # TX delay factor for flood mode (multiplier) tx_delay_factor: 1.0 # TX delay factor for direct mode (faster) direct_tx_delay_factor: 0.5 duty_cycle: # Enable/disable duty cycle enforcement # Set to false to disable airtime limits enforcement_enabled: false # Maximum airtime per minute in milliseconds max_airtime_per_minute: 3600 # MQTT Publishing Configuration (Optional) mqtt: # Enable/disable MQTT publishing enabled: false # MQTT broker settings broker: "localhost" port: 1883 # Use 8883 for TLS/SSL, 80/443/9001 for WebSockets # Use WebSocket transport instead of standard TCP # Typically uses ports: 80 (ws://), 443 (wss://), or 9001 use_websockets: false # Authentication (optional) username: null password: null # TLS/SSL configuration (optional) # For public brokers with trusted certificates, just enable TLS: # tls: # enabled: true tls: enabled: false # Advanced TLS options (usually not needed for public brokers): # Custom CA certificate for server verification # Leave null to use system default CA certificates (recommended) ca_cert: null # e.g., "/etc/ssl/certs/ca-certificates.crt" # Client certificate and key for mutual TLS (rarely needed) client_cert: null # e.g., "/etc/pymc/client.crt" client_key: null # e.g., "/etc/pymc/client.key" # Skip certificate verification (insecure, not recommended) insecure: false # Base topic for publishing # Messages will be published to: {base_topic}/{node_name}/{packet|advert} base_topic: "meshcore/repeater" # Storage Configuration storage: # Directory for persistent storage files (SQLite, RRD) storage_dir: "/var/lib/pymc_repeater" # Data retention settings retention: # Clean up SQLite records older than this many days sqlite_cleanup_days: 31 # RRD archives are managed automatically: # - 1 minute resolution for 1 week # - 5 minute resolution for 1 month # - 1 hour resolution for 1 year letsmesh: enabled: false iata_code: "Test" # e.g., "SFO", "LHR", "Test" # ============================================================ # BROKER SELECTION MODE - Choose how to connect to brokers # ============================================================ # # EXAMPLE 1: Single built-in broker (default, most common) # Connect to Europe only - simple, low bandwidth broker_index: 0 # 0 = Europe, 1 = US West # EXAMPLE 2: All built-in brokers for maximum redundancy # Survives single broker failure, best uptime # broker_index: -1 # or null - connects to both EU and US # EXAMPLE 3: Only custom brokers (private/self-hosted) # Ignores built-in LetsMesh brokers completely # broker_index: -2 # additional_brokers: # - name: "Private Server" # host: "mqtt.myserver.com" # port: 443 # audience: "mqtt.myserver.com" # EXAMPLE 4: Single built-in + custom backup # Use EU primary with your own backup # broker_index: 0 # additional_brokers: # - name: "Backup Server" # host: "mqtt-backup.mydomain.com" # port: 8883 # audience: "mqtt-backup.mydomain.com" # EXAMPLE 5: All built-in + multiple custom (maximum redundancy) # EU + US + your own servers - best for critical deployments # broker_index: -1 # additional_brokers: # - name: "Custom Primary" # host: "mqtt-1.mydomain.com" # port: 443 # audience: "mqtt-1.mydomain.com" # - name: "Custom Backup" # host: "mqtt-2.mydomain.com" # port: 443 # audience: "mqtt-2.mydomain.com" # ============================================================ status_interval: 300 owner: "" email: "" # Block specific packet types from being published to LetsMesh # If not specified or empty list, all types are published # Available types: REQ, RESPONSE, TXT_MSG, ACK, ADVERT, GRP_TXT, # GRP_DATA, ANON_REQ, PATH, TRACE, RAW_CUSTOM disallowed_packet_types: [] # - REQ # Don't publish requests # - RESPONSE # Don't publish responses # - TXT_MSG # Don't publish text messages # - ACK # Don't publish acknowledgments # - ADVERT # Don't publish advertisements # - GRP_TXT # Don't publish group text messages # - GRP_DATA # Don't publish group data # - ANON_REQ # Don't publish anonymous requests # - PATH # Don't publish path packets # - TRACE # Don't publish trace packets # - RAW_CUSTOM # Don't publish custom raw packets logging: # Log level: DEBUG, INFO, WARNING, ERROR level: INFO # Log format format: "%(asctime)s - %(name)s - %(levelname)s - %(message)s" # Web interface configuration web: # Enable Cross-Origin Resource Sharing (CORS) headers # Allows web frontends from different origins to access the API cors_enabled: false # Custom path to web frontend files (optional) # If not specified, uses the default built-in path # Example: /opt/custom-web-ui or /home/user/my-frontend # web_path: null