Infinoted

infinoted is a dedicated infinote server that is contained in libinfinity.

Usage

By default, infinoted uses TLS to encrypt data sent through the network. For that, it needs a private key and a server certificate to prevent man-in-the-middle attacks. The -k and -c options of infinoted specify the key file or the certificate file, respectively. If you want to get going quickly without worrying too much about this, you basically have two options:

• Turn off TLS by passing --security-policy=no-tls to infinoted.

• Let infinoted create a key and a self-signed certificate, using the --create-key and --create-certificate switches. The common name of the certificate will be set to the host name of the computer. The -k and -c options specify where the created key and certificate are stored. Creating the key may take a while, so be patient. If you need anything more fancy, you can also use gnutls's certtool.

Config files

infinoted reads /etc/xdg/infinoted.conf and ~/.config/infinoted.conf (in that order, options specified in the latter file overwrite the ones from the former file), or %APPDATA%/infinoted.conf on Windows. It's GKeyFile format. Options from the command line overwrite config file options. All options need to be in the infinoted group. Allowed options are:

• root-directory [filename]: The directory within which to store the documents on the server. Defaults to ~/.infinote if not given. Same as "-r" command line option.
• security-policy [no-tls|allow-tls|require-tls]: no-tls does not require a private key/certificate pair. require-tls requires clients to use TLS, whereas allow-tls allows them to choose not to use it. Same as --security-policy command line option.
• certificate-file [filename]: The certificate to use for TLS. Must be an absolute path. Same as -c command line option.
• key-file [filename]: The private key to use for TLS. Must be an absolute path. Same as -k command line option.
• autosave-interval [integral positive number] (Since infinoted 0.2): Interval in seconds within which to save modified documents to permanent storage. Set to 0 to disable autosave.
• certificate-chain [filename] (Since infinoted 0.3): Specifies the certificate chain down to the root certificate. This may be used if the chain is not already present in the file specified by --certificate-file.
• password [string] (Since infinoted 0.4): Global server password. If set, then each client needs to provide this password in order to connect.
• sync-directory [filename] (Since infinoted 0.4): A directory into which a copy of the document tree is stored periodically.
• sync-interval [integral positive number] (Since infinoted 0.4): The interval within which to synchronize the document tree to the path given by sync-directory.
• pam-service [string] (Since infinoted 0.5): Authenticate clients against given pam service on connection.
• allow-user [stringlist] (Since infinoted 0.5): Users allowed to connect after pam authentication. Separate entries with semicolons.
• allow-group [stringlist] (Since infinoted 0.5): Group allowed to connect after pam authentication. Separate entries with semicolons.

Example

[infinoted]
security-policy=require-tls
certificate-file=/home/armin/infinoted/cert.pem
key-file=/home/armin/infinoted/key.pem

Data storage

The data on the server is stored in the root-directory given to infinoted, ~/.infinote by default. If autosave is disabled, sessions are not stored immediately, but only when there was no activity for some time or the server is shut down.