Infinoted

infinoted is a dedicated infinote server that is contained in libinfinity. It has replaced Sobby since the Gobby 0.5 series.

Usage

By default, infinoted uses TLS to encrypt data sent over the network. For that, it needs a private key and a server certificate to prevent man-in-the-middle attacks. The -k and -c options of infinoted specify the key file and the certificate file, respectively. If you want to get going quickly without worrying too much about this, you have two options:

  • Turn off TLS by passing --security-policy=no-tls to infinoted. Data is then sent over the network unencrypted.
  • Let infinoted create a key and a self-signed certificate, using the --create-key and --create-certificate switches. The common name of the certificate will be set to the host name of the computer. The -k and -c options specify where the created key and certificate are stored. Creating the key may take a while, so be patient. If you need anything fancier, you can also use GnuTLS's certtool.

Config files

infinoted reads /etc/xdg/infinoted.conf and ~/.config/infinoted.conf (in that order; options specified in the latter file override those from the former), or %APPDATA%/infinoted.conf on Windows. The files use the GKeyFile format. Options from the command line override config file options. All options need to be in the infinoted group. Allowed options are:

  • root-directory [filename]: The directory within which to store the documents on the server. Defaults to ~/.infinote if not given. Same as "-r" command line option.
  • security-policy [no-tls|allow-tls|require-tls]: no-tls does not require a private key/certificate pair. require-tls requires clients to use TLS, whereas allow-tls allows them to choose not to use it. Same as --security-policy command line option.
  • certificate-file [filename]: The certificate to use for TLS. Must be an absolute path. Same as -c command line option.
  • key-file [filename]: The private key to use for TLS. Must be an absolute path. Same as -k command line option.
  • autosave-interval [integral positive number] (Since infinoted 0.2): Interval in seconds within which to save modified documents to permanent storage. Set to 0 to disable autosave.
  • certificate-chain [filename] (Since infinoted 0.3): Specifies the certificate chain down to the root certificate. This may be used if the chain is not already present in the file specified by --certificate-file.
  • password [string] (Since infinoted 0.4): Global server password. If set, then each client needs to provide this password in order to connect.
  • sync-directory [filename] (Since infinoted 0.4): A directory into which a copy of the document tree is stored periodically.
  • sync-interval [integral positive number] (Since infinoted 0.4): The interval within which to synchronize the document tree to the path given by sync-directory.
  • pam-service [string] (Since infinoted 0.5): Authenticate clients against the given PAM service on connection.
  • allow-user [stringlist] (Since infinoted 0.5): Users allowed to connect after PAM authentication. Separate entries with semicolons.
  • allow-group [stringlist] (Since infinoted 0.5): Groups allowed to connect after PAM authentication. Separate entries with semicolons.
  • autosave-hook [string] (Since infinoted 0.6): A program or script to execute every time a document is auto-saved. The script receives two arguments: the path to the root directory and the path of the file that was saved in the infinote tree.
  • sync-hook [string] (Since infinoted 0.6): A program or script to execute every time a document is synchronized to a directory (see sync-directory option). The script receives two arguments: the path of the file that was saved in the infinote tree and the path of the file that was saved in the filesystem.
  • ca-list-file [filename] (Since infinoted 0.6): Specifies a file with a list of trusted CA certificates. If this option is set, clients are required to authenticate themselves with a client certificate which was issued by one of the trusted CAs in the list.

Example

[infinoted]
security-policy=require-tls
certificate-file=/home/armin/infinoted/cert.pem
key-file=/home/armin/infinoted/key.pem
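
One way to check a configuration against the options described above, as an added example rather than code from libinfinity: it merges config files in the order infinoted reads them and reports settings that weaken TLS or leave the server without client authentication. The function names, finding texts and sample files are constructed for illustration; command-line overrides are not considered, and POSIX paths are assumed.

```python
import configparser
from pathlib import PurePosixPath

def effective_options(*texts):
    """Merge GKeyFile texts in read order; later files override earlier ones."""
    # GKeyFile rules: only '#' starts a comment, only '=' delimits, keys are
    # case-sensitive, and ';' separates list items (so it must not be a comment).
    parser = configparser.ConfigParser(
        interpolation=None, delimiters=("=",), comment_prefixes=("#",), strict=False)
    parser.optionxform = str
    for text in texts:
        parser.read_string(text)
    return dict(parser["infinoted"]) if parser.has_section("infinoted") else {}

def audit(opts):
    """Return (option, finding) tuples for the merged [infinoted] options."""
    findings = []
    policy = opts.get("security-policy")
    if policy == "no-tls":
        findings.append(("security-policy", "TLS is off; traffic is not encrypted"))
        if "password" in opts:
            findings.append(("password", "server password is exchanged without TLS"))
    elif policy == "allow-tls":
        findings.append(("security-policy", "clients may choose not to use TLS"))
    elif policy != "require-tls":
        findings.append(("security-policy", f"not set to require-tls (value: {policy!r})"))
    if policy != "no-tls":
        for key in ("key-file", "certificate-file"):
            if key not in opts:
                findings.append((key, "not set in these files, but TLS needs it"))
            elif not PurePosixPath(opts[key]).is_absolute():
                findings.append((key, "must be an absolute path"))
    if not any(k in opts for k in ("password", "pam-service", "ca-list-file")):
        findings.append(("authentication", "no password, pam-service or ca-list-file set"))
    return findings

# Constructed sample input: a system-wide file, then a per-user file overriding it
SYSTEM_CONF = """[infinoted]
security-policy=require-tls
certificate-file=/etc/infinoted/cert.pem
key-file=/etc/infinoted/key.pem
"""
USER_CONF = """# per-user overrides
[infinoted]
security-policy=allow-tls
key-file=key.pem
"""

if __name__ == "__main__":
    print(audit(effective_options(SYSTEM_CONF, USER_CONF)))
```

Run against the page's own example above, the only finding is the missing client authentication option.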

Data storage

The data on the server is stored in the root-directory given to infinoted, ~/.infinote by default. If autosave is disabled, sessions are not stored immediately, but only when there has been no activity for some time or the server is shut down.