@@ -36,13 +36,13 @@ The default configuration file currently contains the following:
3636# # API SDK Security options - pick ONE:
3737
3838# Insecure, no encryption, only local connections will be allowed
39- # security.insecure = {}
39+ # security = "insecure"
4040
4141# Self-signed CA certificate. Global connections will be allowed, clients
4242# on other machines will need a copy of the generated CA Certificate
4343#
4444# This is the default and recommended option.
45- # security. tls-self-signed = {}
45+ # security = " tls-self-signed"
4646
4747# # API SDK Listener options - pick ONE
4848
@@ -67,13 +67,13 @@ The default configuration file currently contains the following:
6767# ## REST API Security options - pick ONE:
6868
6969# Insecure, no encryption, only local connections will be allowed
70- # security.insecure = {}
70+ # security = "insecure"
7171
7272# Self-signed CA certificate. Global connections will be allowed, clients
7373# on other machines will need a copy of the generated CA Certificate
7474#
7575# This is the default and recommended option.
76- # security. tls-self-signed = {}
76+ # security = " tls-self-signed"
7777
7878# ## Listener options
7979# listener.local-only = { port = 4444 } # default
@@ -84,7 +84,7 @@ The default configuration file currently contains the following:
8484# This section is used to control local storage options. This section
8585# is optional.
8686#
87- # Options for each item are `.unlimited = {} ` to set the storage to be
87+ # Options for each item are `= "unlimited" ` to set the storage to be
8888# unbounded, or `.fifo-megabytes = N`, where N is the (approximate) number
8989# of megabytes (specifically mebibytes, N * 1024 * 1024 bytes) to be used
9090# for storing data in a first-in first-out basis.
@@ -138,6 +138,18 @@ The default configuration file currently contains the following:
138138# if `apis.http` is enabled.
139139#
140140# unsafe-inhibit-cors = false
141+
142+ # # Allowed Bridges
143+ #
144+ # This feature enables bridging, allowing for a device to act as a connection
145+ # to further devices.
146+ #
147+ # Acceptable values here are "none", "any", or a list of u64 serial numbers.
148+ # Defaults to "none"
149+ #
150+ # allowed-bridges = "none"
151+ # allowed-bridges = "any"
152+ # allowed-bridges.specific = ["27927AE08C5C829B"]
141153```
142154
143155## The ` apis ` section
@@ -167,16 +179,16 @@ use the following configuration:
167179
168180``` toml
169181[apis .sdk ]
170- security. tls-self-signed = {}
171- listener.global = { socket_addr = " 0.0.0.0:51837"
182+ security = " tls-self-signed"
183+ listener.global = { socket_addr = " 0.0.0.0:51837"
172184```
173185
174186If you wanted to serve only locally, with no encryption, you could use
175187the following configuration:
176188
177189``` toml
178190[apis .sdk ]
179- security.insecure = {}
191+ security = " insecure "
180192listener.local-only = { port = 51837 }
181193```
182194
@@ -202,16 +214,16 @@ use the following configuration:
202214
203215``` toml
204216[apis .http ]
205- security. tls-self-signed = {}
206- listener.global = { socket_addr = " 0.0.0.0:4444"
217+ security = " tls-self-signed"
218+ listener.global = { socket_addr = " 0.0.0.0:4444"
207219```
208220
209221If you wanted to serve only locally, with no encryption, you could use
210222the following configuration:
211223
212224``` toml
213225[apis .http ]
214- security.insecure = {}
226+ security = " insecure "
215227listener.local-only = { port = 4444 }
216228```
217229
@@ -227,7 +239,7 @@ Each item may be set to "unlimited" storage, for example:
227239``` toml
228240[storage ]
229241# Historical "endpoint" request and response data
230- endpoints.unlimited = {}
242+ endpoints = " unlimited "
231243```
232244
233245Or be set to "First In, First Out", which deletes data when the storage exceeds
@@ -245,11 +257,35 @@ These flags are experimental, and may be removed at any time.
245257
246258### ` experimental.unsafe-inhibit-cors `
247259
248- This flags causes the ` http ` API to emit flags that allow for cross-site requests.
260+ This flag causes the ` http ` API to emit flags that allow for cross-site requests.
249261
250262This is necessary if you'd like a web browser to interact directly with poststation's REST API.
251263
252264This is NOT recommended, and may expose poststation to malicious website requests.
253265
254266If you are building a web frontend, it is recommended to instead make API requests with your backend,
255267and have the web frontend speak to your server, rather than poststation directly.
268+
269+ ### ` experimental.allowed-bridges `
270+
271+ This flag enables the experimental "bridging" feature, that allows for a postcard-rpc server to proxy
272+ connections to further devices. Messages to bridged devices will be routed through the bridge device.
273+
274+ Bridge devices are responsible for reporting connected devices, and forwarding messages in both directions.
275+
276+ This interface is likely to change in breaking ways before stabilizing.
277+
278+ Acceptable values here are "none", "any", or a list of u64 serial numbers. Defaults to "none"
279+
280+ ``` toml
281+ # Don't attempt to bridge any connections
282+ allowed-bridges = " none"
283+
284+ # Trust any device that reports as a bridge, and allow for connection
285+ # to onward devices
286+ allowed-bridges = " any"
287+
288+ # ONLY allow the following devices (specified by serial number in hex form) to act
289+ # as bridges. Any device reported by these bridges will establish a connection.
290+ allowed-bridges.specific = [" 27927AE08C5C829B"
291+ ```
0 commit comments