modalityd Configuration File

# Summary

The Modality daemon, modalityd, can be configured either with command line arguments or through a configuration file. By default modalityd looks for a configuration file at /etc/modalityd/config.toml. You can provide a different location for modalityd to find its configuration file with the MODALITYD_CONFIG environment variable.

The modalityd configuration file can specify:

The address(es) at which modalityd's HTTP API will be available. This API is used by the CLI.
The address(es) at which modalityd listens for incoming data.
The directory where modalityd stores its databases.
The license key.
TLS certificate and key for secure HTTPS connections.
Whether to allow insecure connections.

# modalityd Configuration File Fields

`api-addr` `string`
modalityd's APIs (used by the `modality` CLI) will be available at this socket over HTTP. Defaults to `'127.0.0.1:14181'`. Can be overridden with the `--api-addr` command line option.

`api-addr-tls` `string`
modalityd's APIs (used by the `modality` CLI) will be available at this socket over HTTPS. Only enabled if you provide both `tls-cert` and `tls-key`. Defaults to `'127.0.0.1:14183'`. Can be overridden with the `--api-addr-tls` command line option.

`connect-addr` `string`
Socket on which modalityd listens for incoming data, either from a reflector or directly from a system that implements modalityd's data collection protocol. This is the socket for insecure connections. Defaults to `'127.0.0.1:14182'`. Can be overridden with the `--connect-addr` option.

`connect-addr-tls` `string`
Socket on which modalityd listens for incoming data, either from a reflector or directly from a system that implements modalityd's data collection protocol. This is the socket for secure connections using TLS encryption. Only enabled if you provide both `tls-cert` and `tls-key`. Defaults to `'127.0.0.1:14184'`. Can be overridden with the `--connect-addr-tls` option.

`mutation-connect-addr` `string`
Socket for insecure connections for the Deviant mutation protocol (coming soon). This socket must be available to modalityd, even if you are only running Modality. Defaults to `'127.0.0.1:14192'`. Can be overridden with the `--mutation-connect-addr` command line option.

`mutation-connect-addr-tls` `string`
Socket for secure connections using TLS encryption for the Deviant mutation protocol (coming soon). This socket must be available to modalityd, even if you are only running Modality. Only enabled if you provide both `tls-cert` and `tls-key`. Defaults to `'127.0.0.1:14193'`. Can be overridden with the `--mutation-connect-addr-tls` command line option.

`data-dir` `string`
Directory where modalityd stores its databases. Defaults to `/var/lib/modality`. Can be overridden with the `--data-dir` option.

`license-key` `string`
License key. Can be provided in this configuration file or overridden with the `--license-key` option or the `MODALITY_LICENSE_KEY` environment variable.

`tls-cert` `string`
The certificate chain file to use for TLS connections. Must be in either PKCS#12 or PEM format.

`tls-key` `string`
The private key file to use for TLS connections. Must be in either PKCS#12 or PEM format.

`disable-plaintext-protocols` `bool`
Set to `true` to only allow modalityd to listen on secure connections. Note that both `tls-cert` and `tls-key` must be provided for secure TLS connections to function.

`strict-index-consistency` `bool`
By default, `modalityd` runs in `fast` index consistency mode. In exchange for better indexing performance, this allows modalityd to leave some data unindexed if the process is abnormally terminated under heavy write load. If your use case requires absolute certainty that the index is consistent with the stored even data under crash conditions, you can use the `--strict-index-consistency` flag. When strict mode is enabled, `modalityd` may take a significant amount of time to start up after an abnormal termination event (even when not under write load), as it verifies and recreates the needed indices.

strict-index-consistency

bool

By default, modalityd runs in fast index consistency mode. In exchange for better indexing performance, this allows modalityd to leave some data unindexed if the process is abnormally terminated under heavy write load. If your use case requires absolute certainty that the index is consistent with the stored even data under crash conditions, you can use the --strict-index-consistency flag. When strict mode is enabled, modalityd may take a significant amount of time to start up after an abnormal termination event (even when not under write load), as it verifies and recreates the needed indices.

# Example modalityd Configuration File

# /etc/modalityd/config.toml

api-addr = '127.0.0.1:14181'
api-addr-tls = '127.0.0.1:14183'
connect-addr = '127.0.0.1:14182'
connect-addr-tls = '127.0.0.1:14184'
mutation-connect-addr = '127.0.0.1:14192'
mutation-connect-addr-tls = '127.0.0.1:14193'

data-dir = '/var/lib/modality'
license-key = '000000-000000-000000-000000-000000-V3'

tls-cert = '/path/to/cert/file'
tls-key = '/path/to/key/file'
disable-plaintext-protocols = false

# modalityd Configuration File Locations

By default modalityd looks for its configuration file at /etc/modalityd/config.toml. You can specify a different config file location with the MODALITYD_CONFIG environment variable.

← modality-reflector Configuration File Overview →