hmac-file-server/dockerenv/podman/config.toml.example

# HMAC File Server - Podman Production Configuration
# This file is auto-generated by deploy-podman.sh
# Edit as needed for your specific deployment requirements

[server]
listen_address = "8888"
storage_path = "/data"
metrics_enabled = true
metrics_port = "9090"
max_upload_size = "10GB"
max_header_bytes = 1048576
cleanup_interval = "24h"
max_file_age = "720h"
enable_dynamic_workers = true
worker_scale_up_thresh = 40
worker_scale_down_thresh = 10
deduplication_enabled = true
min_free_bytes = "1GB"
file_naming = "original"
networkevents = true                # Enable network change detection

# Network resilience settings
graceful_shutdown_timeout = "300s"
connection_drain_timeout = "120s"
max_idle_conns_per_host = 5
idle_conn_timeout = "90s"
disable_keep_alives = false
client_timeout = "300s"
restart_grace_period = "60s"

[uploads]
# XMPP-compatible file extensions for maximum client support
allowed_extensions = [".zip", ".rar", ".7z", ".tar.gz", ".tgz", ".gpg", ".enc", ".pgp", ".txt", ".pdf", ".png", ".jpg", ".jpeg", ".gif", ".bmp", ".tiff", ".svg", ".webp", ".wav", ".mp4", ".avi", ".mkv", ".mov", ".wmv", ".flv", ".webm", ".mpeg", ".mpg", ".m4v", ".3gp", ".3g2", ".mp3", ".ogg", ".doc", ".docx"]
chunked_uploads_enabled = true
chunk_size = "32MB"
resumable_uploads_enabled = true
max_resumable_age = "48h"
sessiontimeout = "60m"
maxretries = 3

# Upload resilience settings
session_persistence = true
session_recovery_timeout = "300s"
client_reconnect_window = "120s"
upload_slot_ttl = "3600s"
retry_failed_uploads = true
max_upload_retries = 3

# Enhanced Network Resilience (NEW)
[network_resilience]
enabled = true
fast_detection = true               # 1-second network change detection
quality_monitoring = true           # Monitor RTT and packet loss
predictive_switching = true         # Proactive network switching
mobile_optimizations = true        # Mobile-friendly thresholds
upload_resilience = true            # Resume uploads across network changes
detection_interval = "1s"
quality_check_interval = "5s"
network_change_threshold = 3        # Switches required to trigger network change
interface_stability_time = "10s"    # Mobile-appropriate stability time
upload_pause_timeout = "10m"       # Mobile-friendly upload pause timeout
upload_retry_timeout = "20m"       # Extended retry for mobile scenarios
rtt_warning_threshold = "500ms"     # Cellular network warning threshold
rtt_critical_threshold = "2000ms"   # Cellular network critical threshold
packet_loss_warning_threshold = 5.0 # 5% packet loss warning
packet_loss_critical_threshold = 15.0 # 15% packet loss critical

[downloads]
resumable_downloads_enabled = true
chunked_downloads_enabled = true
chunk_size = "32MB"
# Same extensions as uploads for consistency
allowed_extensions = [".zip", ".rar", ".7z", ".tar.gz", ".tgz", ".gpg", ".enc", ".pgp", ".txt", ".pdf", ".png", ".jpg", ".jpeg", ".gif", ".bmp", ".tiff", ".svg", ".webp", ".wav", ".mp4", ".avi", ".mkv", ".mov", ".wmv", ".flv", ".webm", ".mpeg", ".mpg", ".m4v", ".3gp", ".3g2", ".mp3", ".ogg", ".doc", ".docx"]

[security]
# IMPORTANT: Change these secrets in production!
secret = "CHANGE-THIS-PRODUCTION-SECRET-HMAC-KEY"
enablejwt = true
jwtsecret = "CHANGE-THIS-JWT-SECRET-KEY"
jwtalgorithm = "HS256"
jwtexpiration = "24h"

[logging]
level = "info"
file = "/logs/hmac-file-server.log"
max_size = 100
max_backups = 7
max_age = 30
compress = true

[deduplication]
enabled = true
directory = "/deduplication"

[workers]
numworkers = 4
uploadqueuesize = 100

[timeouts]
readtimeout = "3600s"
writetimeout = "3600s"
idletimeout = "3600s"
shutdown = "30s"

[versioning]
enableversioning = false
backend = "simple"
maxversions = 1

[redis]
redisenabled = false
redisdbindex = 0
redisaddr = "localhost:6379"
redispassword = ""
redishealthcheckinterval = "120s"

[clamav]
clamavenabled = false
clamavsocket = "/var/run/clamav/clamd.ctl"
numscanworkers = 2
scanfileextensions = [".exe", ".dll", ".bin", ".com", ".bat", ".sh", ".php", ".js"]
maxscansize = "200MB"