hmac-file-server/ejabberd-module/config-network-resilient.toml

# 🌐 Network Resilience Configuration for HMAC File Server 3.3.0
# Optimized for WiFi ↔ LTE switching and mobile device standby scenarios
# Date: August 26, 2025

[server]
interface = "0.0.0.0"
port = 8080
upload_path = "./uploads"
log_file = "/var/log/hmac-file-server.log"
log_level = "info"

# Network resilience - CRITICAL for mobile scenarios
networkevents = true                        # REQUIRED: Monitor network changes
bind_all_interfaces = true                  # Listen on all network interfaces
allow_ip_changes = true                     # Allow clients to change IP addresses
adapt_to_client_network = true             # Optimize based on client connection type

[auth]
shared_secret = "your-secure-secret-here"
bearer_tokens_enabled = true               # REQUIRED for ejabberd integration
jwt_enabled = true
hmac_enabled = true

# Extended token validity for network changes
token_expiry = 86400                       # 24 hours (was 3600)
grace_period = 7200                        # 2 hours grace period after expiry
extended_validation = true                 # Validate expired tokens within grace period

[uploads]
# Upload resilience settings
resumable_uploads_enabled = true           # CRITICAL: Enable upload resumption
max_resumable_age = "72h"                  # Keep sessions for 3 days
session_recovery_timeout = "600s"          # 10 minutes to recover from network change
client_reconnect_window = "300s"           # 5 minutes for client to reconnect
upload_slot_ttl = "86400s"                 # 24-hour upload slot validity

# Network change handling
allow_session_resume = true                # Resume from different IP addresses
retry_failed_uploads = true                # Auto-retry failed uploads
max_upload_retries = 8                     # More retries for mobile networks
network_change_grace_period = "120s"       # 2 minutes grace during network switch

# Mobile-optimized settings
chunk_size = "5MB"                         # Smaller chunks for mobile stability
max_upload_size = "1GB"                    # Per-file limit
max_files_per_user = 1000                  # Per-user file limit
upload_timeout = "3600s"                   # 1 hour upload timeout

# Session persistence
session_persistence = true                 # Persist sessions across server restarts
session_storage_path = "./sessions"        # Store session data
cleanup_expired_sessions = true            # Auto-cleanup old sessions

[network_resilience]
# Network change detection and handling
enabled = true                             # Enable network resilience system
fast_detection = true                      # 1-second detection (vs 5-second default)
quality_monitoring = true                  # Monitor connection quality (RTT, packet loss)
predictive_switching = true                # Switch proactively before network failure
mobile_optimizations = true               # Use mobile-friendly thresholds

# Timing parameters
detection_interval = "1s"                  # Network change detection interval
quality_check_interval = "5s"             # Connection quality check interval
network_change_threshold = 3              # Switches to trigger network change event
interface_stability_time = "10s"          # Time before marking interface stable

# Upload resilience during network changes
upload_resilience = true                   # Resume uploads across network changes
upload_pause_timeout = "10m"              # Maximum pause time during network switch
upload_retry_timeout = "20m"              # Maximum retry time after network change

# Mobile network thresholds (cellular-friendly)
rtt_warning_threshold = "500ms"            # RTT warning for cellular
rtt_critical_threshold = "2000ms"          # RTT critical for cellular
packet_loss_warning_threshold = 5.0       # 5% packet loss warning
packet_loss_critical_threshold = 15.0     # 15% packet loss critical

[downloads]
chunkeddownloadsenabled = true
chunksize = "5MB"                          # Mobile-friendly chunk size
resume_downloads = true                    # Allow download resumption
download_timeout = "1800s"                # 30 minutes download timeout

[timeouts]
# Extended timeouts for mobile scenarios
readtimeout = "600s"                       # 10 minutes read timeout (was 30s)
writetimeout = "600s"                      # 10 minutes write timeout (was 30s)
idletimeout = "1200s"                      # 20 minutes idle timeout (was 60s)
handshake_timeout = "120s"                 # 2 minutes for handshake
keep_alive_timeout = "300s"                # 5 minutes keep-alive

[logging]
level = "INFO"
file = "/var/log/hmac-file-server/network-resilience.log"
max_size = 100
max_backups = 5
max_age = 7
compress = true

# Enhanced logging for network events
log_network_events = true                  # Log all network change events
log_upload_sessions = true                 # Log upload session lifecycle
log_token_refresh = true                   # Log token refresh events
log_ip_changes = true                      # Log client IP address changes

[workers]
numworkers = 20                            # More workers for concurrent uploads
uploadqueuesize = 2000                     # Larger queue for mobile bursts
autoscaling = true                         # Auto-scale workers based on load
max_workers = 50                           # Maximum worker limit

[metrics]
enabled = true
port = 9090
expose_network_metrics = true              # Expose network resilience metrics
track_session_recovery = true              # Track session recovery success rate
track_network_switches = true              # Track network switching events

[security]
# Enhanced security for extended sessions
rate_limiting = true
max_requests_per_minute = 120              # Higher limit for mobile retries
max_uploads_per_user_per_hour = 100       # Reasonable limit for mobile usage
block_suspicious_ips = false               # Don't block for IP changes
trust_proxy_headers = true                 # Trust X-Forwarded-For for mobile carriers

[storage]
# Storage management for longer session retention
cleanup_interval = "6h"                    # Clean up every 6 hours
retention_days = 7                         # Keep files for 7 days (was 30)
cleanup_expired_sessions = true            # Remove expired upload sessions
compress_old_logs = true                   # Compress logs older than 1 day