Configuration¶

Disco reads a single YAML file. The default path is /etc/disco/config.yaml. Override it with the -config flag.

Validate a config file before starting the daemon:

disco config validate /etc/disco/config.yaml

Full reference¶

daemon:
  # Unix socket path used by the CLI and NSS module to reach the daemon.
  socket_path: /run/disco.sock
  # How often the daemon broadcasts its own presence.
  broadcast_interval: 30s
  # How long a host record remains valid without a new announcement.
  record_ttl: 3600s
  # PID file location.
  pid_file: /var/run/disco.pid

network:
  # Network interfaces to broadcast on. Empty means all non-loopback interfaces.
  interfaces: [eth0, wlan0]
  # Broadcast destination (host:port). 255.255.255.255 reaches all hosts on the local segment.
  broadcast_addr: "255.255.255.255:5354"
  # Token bucket rate limit: maximum broadcast messages per second.
  max_broadcast_rate: 10

discovery:
  enabled: true
  # Scan local ports and include detected services in announcements.
  detect_services: true
  # Maps service names to port numbers. Disco announces any open port in this list.
  service_port_mapping:
    www:  [80, 443, 8080]
    smtp: [25, 587]
    mail: [110, 143, 993, 995]
    xmpp: [5222, 5269]
    ssh:  [22]
    ftp:  [21]
  # How often the daemon re-scans local ports for services.
  scan_interval: 60s

security:
  enabled: false
  # Path to the key file generated by `disco key generate`.
  key_path: /etc/disco/keys.json
  # Path to trusted peers key file.
  trusted_peers: /etc/disco/trusted_peers.json
  # Drop unsigned messages when true. Requires security.enabled: true.
  require_signed: false

logging:
  # Levels: debug, info, warn, error
  level: info
  # Formats: text, json
  format: text
  # Log to this file instead of stdout. Empty means stdout.
  file: ""

time_sync:
  enabled: false
  # Minimum number of GPS sources that must agree before adjusting the clock.
  min_sources: 2
  # Maximum acceptable disagreement between sources.
  max_source_spread: 100ms
  # Reject TIME_ANNOUNCE messages older than this.
  max_stale_age: 30s
  # Maximum acceptable root dispersion from a source.
  max_dispersion: 1.0
  # Step the clock (immediate jump) if the offset exceeds this threshold.
  step_threshold: 128ms
  # Slew the clock (gradual adjustment) if the offset exceeds this threshold.
  slew_threshold: 500us
  # How often to check and apply time adjustments.
  poll_interval: 60s
  # Require signed TIME_ANNOUNCE messages.
  require_signed: true
  # Allow the clock to be stepped backward. Keep false in most deployments.
  allow_step_backward: false

health:
  # Host remains healthy for this long after the last announcement.
  grace_period: 60s
  # Remove a host record entirely after this long without an announcement.
  expire_after: 3600s
  # How often the daemon sweeps for expired records.
  cleanup_interval: 30s

dns:
  enabled: false
  # Port to bind the DNS server to. Requires root or CAP_NET_BIND_SERVICE when < 1024.
  port: 53
  # Domain suffix for discovered hosts. Hosts resolve as <hostname>.<domain>.
  domain: disco
  # Addresses to bind the DNS listener on.
  bind_addresses:
    - "0.0.0.0"
  # DNS TTL (seconds) returned for healthy hosts.
  ttl_healthy: 30
  # DNS TTL (seconds) returned for stale hosts.
  ttl_stale: 10

# Static host entries that never expire.
static_hosts:
  printer:
    addresses:
      - "192.168.1.50"
    services:
      - name: ipp
        port: 631
        protocol: tcp
  router:
    addresses:
      - "192.168.1.1"
    services: []

Field reference¶

daemon¶

Field	Type	Default	Description
`socket_path`	string	`/run/disco.sock`	Unix socket path
`broadcast_interval`	duration	`30s`	Announcement frequency
`record_ttl`	duration	`3600s`	Host record lifetime
`pid_file`	string	`/var/run/disco.pid`	PID file location

network¶

Field	Type	Default	Description
`interfaces`	list	all non-loopback	Interfaces to broadcast on
`broadcast_addr`	string	`255.255.255.255:5354`	Broadcast destination
`max_broadcast_rate`	int	`10`	Max messages per second

discovery¶

Field	Type	Default	Description
`enabled`	bool	`true`	Enable host discovery
`detect_services`	bool	`true`	Scan ports and announce services
`service_port_mapping`	map	see above	Service name to port list mapping
`scan_interval`	duration	`60s`	Port scan frequency (minimum `10s`)

security¶

Field	Type	Default	Description
`enabled`	bool	`false`	Enable message signing
`key_path`	string	`/etc/disco/keys.json`	Key file path
`trusted_peers`	string	`/etc/disco/trusted_peers.json`	Trusted peers file
`require_signed`	bool	`false`	Drop unsigned messages

See How-to: Enable Security for the setup procedure.

logging¶

Field	Type	Default	Description
`level`	string	`info`	Log level: `debug`, `info`, `warn`, `error`
`format`	string	`text`	Output format: `text` or `json`
`file`	string	``	Log file path; empty writes to stdout

time_sync¶

Field	Type	Default	Description
`enabled`	bool	`false`	Enable GPS time synchronization
`min_sources`	int	`2`	Minimum agreeing sources before adjusting
`max_source_spread`	duration	`100ms`	Maximum spread between sources
`max_stale_age`	duration	`30s`	Maximum age of a TIME_ANNOUNCE message
`max_dispersion`	float	`1.0`	Maximum root dispersion
`step_threshold`	duration	`128ms`	Offset above which the clock steps
`slew_threshold`	duration	`500us`	Offset above which the clock slews
`poll_interval`	duration	`60s`	How often to check and apply adjustments
`require_signed`	bool	`true`	Require signed time messages
`allow_step_backward`	bool	`false`	Allow stepping the clock backward

See How-to: Time Sync for the setup procedure.

health¶

Field	Type	Default	Description
`grace_period`	duration	`60s`	Time after last announcement before a host turns stale
`expire_after`	duration	`3600s`	Time after which a host record is removed
`cleanup_interval`	duration	`30s`	How often to sweep for expired records

dns¶

Field	Type	Default	Description
`enabled`	bool	`false`	Enable the built-in DNS server
`port`	int	`53`	DNS listener port
`domain`	string	`disco`	Domain suffix for discovered hosts
`bind_addresses`	list	`["0.0.0.0"]`	Addresses to bind
`ttl_healthy`	int	`30`	DNS TTL in seconds for healthy hosts
`ttl_stale`	int	`10`	DNS TTL in seconds for stale hosts

See How-to: Enable DNS for the setup procedure.

static_hosts¶

A map of hostname to static host entries. Static hosts never expire and are included in all NSS lookups and DNS responses.

Field	Type	Description
`addresses`	list	IP addresses for this host
`services[].name`	string	Service name
`services[].port`	int	Service port
`services[].protocol`	string	Protocol: `tcp` or `udp`

See How-to: Static Hosts.