Sync with newt and olm readme

2026-03-11 05:06:45 +00:00 · 2025-12-10 16:24:42 -05:00
parent c31b0cecde
commit 00b0150fea
4 changed files with 442 additions and 69 deletions
--- a/manage/clients/configure-client.mdx
+++ b/manage/clients/configure-client.mdx
@@ -41,18 +41,32 @@ Refer to the [documentation in the official repository](https://github.com/fosrl
  **Example**: `https://pangolin.example.com`
 </ResponseField>

+<ResponseField name="org" type="string">
+  Organization ID to connect to.
+</ResponseField>
+
+<ResponseField name="user-token" type="string">
+  User authentication token.
+</ResponseField>
+
 <ResponseField name="mtu" type="integer">
-  MTU for the WireGuard interface.
+  MTU for the internal WireGuard interface.
  
  **Default**: `1280`
 </ResponseField>

 <ResponseField name="dns" type="string">
-  DNS server to use for resolving the endpoint.
+  DNS server to use to resolve the endpoint.
  
  **Default**: `8.8.8.8`
 </ResponseField>

+<ResponseField name="upstream-dns" type="string">
+  Upstream DNS server(s), comma-separated.
+  
+  **Default**: `8.8.8.8:53`
+</ResponseField>
+
 <ResponseField name="log-level" type="string">
  The log level to use for Olm output.
  
@@ -73,16 +87,46 @@ Refer to the [documentation in the official repository](https://github.com/fosrl
  **Default**: `5s`
 </ResponseField>

-<ResponseField name="holepunch" type="boolean">
-  Enable NAT hole punching mode instead of relaying through the VPS.
+<ResponseField name="interface" type="string">
+  Name of the WireGuard interface.
+  
+  **Default**: `olm`
+</ResponseField>
+
+<ResponseField name="enable-api" type="boolean">
+  Enable API server for receiving connection requests.
  
  **Default**: `false`
 </ResponseField>

-<ResponseField name="config-file" type="string">
-  Path to a configuration file containing the same arguments as command line.
+<ResponseField name="http-addr" type="string">
+  HTTP server address (e.g., ':9452').
  
-  **Example**: `/etc/olm/config.yaml`
+  **Default**: `:9452`
+</ResponseField>
+
+<ResponseField name="socket-path" type="string">
+  Unix socket path (or named pipe on Windows).
+  
+  **Default**: `/var/run/olm.sock` (Linux/macOS) or `olm` (Windows)
+</ResponseField>
+
+<ResponseField name="disable-holepunch" type="boolean">
+  Disable hole punching.
+  
+  **Default**: `false`
+</ResponseField>
+
+<ResponseField name="override-dns" type="boolean">
+  Override system DNS settings.
+  
+  **Default**: `false`
+</ResponseField>
+
+<ResponseField name="disable-relay" type="boolean">
+  Disable relay connections.
+  
+  **Default**: `false`
 </ResponseField>

 ### Environment Variables
@@ -105,46 +149,141 @@ When both environment variables and CLI arguments are provided, CLI arguments ta
  Olm secret for authentication (equivalent to `--secret`)
 </ResponseField>

-<ResponseField name="OLM_MTU" type="integer">
-  MTU for the WireGuard interface (equivalent to `--mtu`)
+<ResponseField name="ORG" type="string">
+  Organization ID to connect to (equivalent to `--org`)
+</ResponseField>
+
+<ResponseField name="USER_TOKEN" type="string">
+  User authentication token (equivalent to `--user-token`)
+</ResponseField>
+
+<ResponseField name="MTU" type="integer">
+  MTU for the internal WireGuard interface (equivalent to `--mtu`)
  
  **Default**: `1280`
 </ResponseField>

-<ResponseField name="OLM_DNS" type="string">
-  DNS server to use for resolving the endpoint (equivalent to `--dns`)
+<ResponseField name="DNS" type="string">
+  DNS server to use to resolve the endpoint (equivalent to `--dns`)
  
  **Default**: `8.8.8.8`
 </ResponseField>

-<ResponseField name="OLM_LOG_LEVEL" type="string">
+<ResponseField name="UPSTREAM_DNS" type="string">
+  Upstream DNS server(s), comma-separated (equivalent to `--upstream-dns`)
+  
+  **Default**: `8.8.8.8:53`
+</ResponseField>
+
+<ResponseField name="LOG_LEVEL" type="string">
  Log level (equivalent to `--log-level`)
  
  **Default**: `INFO`
 </ResponseField>

-<ResponseField name="OLM_PING_INTERVAL" type="string">
+<ResponseField name="PING_INTERVAL" type="string">
  Interval for pinging the server (equivalent to `--ping-interval`)
  
  **Default**: `3s`
 </ResponseField>

-<ResponseField name="OLM_PING_TIMEOUT" type="string">
+<ResponseField name="PING_TIMEOUT" type="string">
  Timeout for each ping (equivalent to `--ping-timeout`)
  
  **Default**: `5s`
 </ResponseField>

-<ResponseField name="OLM_HOLEPUNCH" type="boolean">
-  Enable NAT hole punching mode (equivalent to `--holepunch`)
+<ResponseField name="INTERFACE" type="string">
+  Name of the WireGuard interface (equivalent to `--interface`)
+  
+  **Default**: `olm`
+</ResponseField>
+
+<ResponseField name="ENABLE_API" type="boolean">
+  Enable API server for receiving connection requests (equivalent to `--enable-api`)
+  
+  Set to "true" to enable
  
  **Default**: `false`
 </ResponseField>

-<ResponseField name="OLM_HEALTH_FILE" type="string">
-  Path to health file for connection monitoring (equivalent to `--health-file`)
+<ResponseField name="HTTP_ADDR" type="string">
+  HTTP server address (equivalent to `--http-addr`)
+  
+  **Default**: `:9452`
 </ResponseField>

-<ResponseField name="OLM_CONFIG_FILE" type="string">
-  Load the config from this file instead of command line arguments (equivalent to `--config-file`)
+<ResponseField name="SOCKET_PATH" type="string">
+  Unix socket path or Windows named pipe (equivalent to `--socket-path`)
+  
+  **Default**: `/var/run/olm.sock` (Linux/macOS) or `olm` (Windows)
 </ResponseField>
+
+<ResponseField name="DISABLE_HOLEPUNCH" type="boolean">
+  Disable hole punching (equivalent to `--disable-holepunch`)
+  
+  Set to "true" to disable
+  
+  **Default**: `false`
+</ResponseField>
+
+<ResponseField name="OVERRIDE_DNS" type="boolean">
+  Override system DNS settings (equivalent to `--override-dns`)
+  
+  Set to "true" to enable
+  
+  **Default**: `false`
+</ResponseField>
+
+<ResponseField name="DISABLE_RELAY" type="boolean">
+  Disable relay connections (equivalent to `--disable-relay`)
+  
+  Set to "true" to disable
+  
+  **Default**: `false`
+</ResponseField>
+
+<ResponseField name="CONFIG_FILE" type="string">
+  Set to the location of a JSON file to load secret values
+</ResponseField>
+
+### Loading secrets from files
+
+You can use `CONFIG_FILE` to define a location of a config file to store the credentials between runs. 
+
+```
+$ cat ~/.config/olm-client/config.json
+{
+  "id": "spmzu8rbpzj1qq6",
+  "secret": "f6v61mjutwme2kkydbw3fjo227zl60a2tsf5psw9r25hgae3",
+  "endpoint": "https://app.pangolin.net",
+  "org": "",
+  "userToken": "",
+  "mtu": 1280,
+  "dns": "8.8.8.8",
+  "upstreamDNS": ["8.8.8.8:53"],
+  "interface": "olm",
+  "logLevel": "INFO",
+  "enableApi": false,
+  "httpAddr": "",
+  "socketPath": "/var/run/olm.sock",
+  "pingInterval": "3s",
+  "pingTimeout": "5s",
+  "disableHolepunch": false,
+  "overrideDNS": false,
+  "disableRelay": false,
+  "tlsClientCert": ""
+}
+```
+
+This file is also written to when olm first starts up. So you do not need to run every time with --id and secret if you have run it once! 
+
+Default locations: 
+
+- **macOS**: `~/Library/Application Support/olm-client/config.json`
+- **Windows**: `%PROGRAMDATA%\olm\olm-client\config.json`
+- **Linux/Others**: `~/.config/olm-client/config.json`
+
+### API
+
+Olm can be started with a HTTP or socket API to configure and manage it. See the [API documentation](https://github.com/fosrl/olm/blob/main/API.md) for more details.