From a0b6de9759b184280ee98c7ecb4b3b684f684c81 Mon Sep 17 00:00:00 2001
From: Ara Sadoyan <ara.sadoyan@netangels.net>
Date: Thu, 30 Apr 2026 18:13:37 +0200
Subject: [PATCH] updated . config example

---
 etc/main.yaml | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/etc/main.yaml b/etc/main.yaml
index 612e1c5..32b6c54 100644
--- a/etc/main.yaml
+++ b/etc/main.yaml
@@ -1,7 +1,7 @@
 # Main configuration file, applied on startup
 threads: 12 # Number of daemon threads default setting
-#runuser: pastor # Username for running aralez after dropping root privileges, requires program to start as root
-#rungroup: pastor # Group for running aralez after dropping root privileges, requires program to start as root
+runuser: aralez # Username for running aralez after dropping root privileges, requires program to start as root
+rungroup: aralez # Group for running aralez after dropping root privileges, requires program to start as root
 daemon: false # Run in background
 upstream_keepalive_pool_size: 500 # Pool size for upstream keepalive connections
 pid_file: /tmp/aralez.pid # Path to PID file
@@ -9,17 +9,14 @@ error_log: /tmp/aralez_err.log # Path to error log
 upgrade_sock: /tmp/aralez.sock # Path to socket file
 config_api_enabled: true # Boolean to enable/disable remote config push capability.
 config_address: 0.0.0.0:3000 # HTTP API address for pushing upstreams.yaml from remote location
-config_tls_address: 0.0.0.0:3001 # HTTP TLS API address for pushing upstreams.yaml from remote location
-config_tls_certificate: /etc/server.crt # Mandatory if config_tls_address is set
-config_tls_key_file: /etc/key.pem # Mandatory if config_tls_address is set
 proxy_address_http: 0.0.0.0:6193 # Proxy HTTP bind address
 proxy_address_tls: 0.0.0.0:6194 # Optional, Proxy TLS bind address
-proxy_certificates: /etc/certs # Mandatory if proxy_address_tls set, should contain a certificate and key files strictly in a format {NAME}.crt, {NAME}.key.
+proxy_configs: /opt/aralez/etc # Mandatory if proxy_address_tls set, should contain a certificate and key files strictly in a format {NAME}.crt, {NAME}.key.
 proxy_tls_grade: a+ # Grade of TLS suite for proxy (a+, a, b, c, unsafe), matching grades of Qualys SSL Labs
-upstreams_conf: /etc/upstreams.yaml # the location of upstreams file
+upstreams_conf: /opt/aralez/etc/upstreams.yaml # the location of upstreams file
 file_server_folder: /opt/storage # Optional, local folder to serve
 file_server_address: 127.0.0.1:3002 # Optional, Local address for file server. Can set as upstream for public access.
 log_level: info # info, warn, error, debug, trace, off
 hc_method: HEAD # Healthcheck method (HEAD, GET, POST are supported) UPPERCASE
 hc_interval: 2 #Interval for health checks in seconds
-master_key: 910517d9-f9a1-48de-8826-dbadacbd84af-cb6f830e-ab16-47ec-9d8f-0090de732774 # Mater key for working with API server and JWT Secret
\ No newline at end of file
+master_key: 910517d9-f9a1-48de-8826-dbadacbd84af-cb6f830e-ab16-47ec-9d8f-0090de732774 # Mater key for working with API server and JWT Secret