📄️ pki
Defines the path of each file required for a Nebula host: CA certificate, host certificate, and host key. Each of these
📄️ static_host_map
The static host map defines a set of hosts with fixed IP addresses on the internet (or any network). A host can have
📄️ lighthouse
lighthouse.am_lighthouse
📄️ listen
listen sets the UDP port Nebula will use for sending/receiving traffic and for handshakes.
📄️ punchy
punchy configures the sending of inbound/outbound packets at a regular interval to avoid expiration of firewall nat
📄️ cipher
This value must be identical on ALL nodes and lighthouses. Nebula does not support the use of different ciphers
📄️ preferred_ranges
preferred_ranges sets the priority order for underlay IP addresses. Two hosts on the same LAN would likely benefit
📄️ relay
Relay support is new and therefore should be considered experimental. However, relays are a useful tool for solving
📄️ tun
tun.disabled
📄️ logging
logging.level
📄️ sshd
sshd enables nebula's built-in debugging console, which can be accessed via ssh. It can expose informational and
📄️ firewall
The default state of the Nebula interface host firewall is deny all for all inbound and outbound traffic. Firewall
📄️ routines
Default: 1
📄️ stats
Nebula can provide stats for Graphite or Prometheus. Options
📄️ local_range
localrange has been deprecated in favor of preferredranges