// this is described example of webrdp config file
// NOTE: json format does not support comments, all comment line begining with "//" must be removed from file before using it
{
    // fork to background after start (not implemented yet)
    // default: false
    "daemon": false,

    // set log_level to one of "error", "warning", "info", "debug", "trace"
    // default: "error"
    "log_level": "error"

    // set worker thread count, 0 for one thread per logical cpu core in current system
    // default: 0
    "thread_count": 0,

    // set maximum tasks per worker thread
    // default: 1024
    "tasks_per_thread": 1024,

    // set http (websocket in plain non-ssl mode) listen port, set -1 to disable
    // default: 8080
    "ws_port": 8080,

    // set http (websocket in plain non-ssl mode) socket path, set empty to disable
    // default: disabled
    "ws_socket_path": "/var/run/wrdp_sock",

    // set external auth server url to handle token based authentication, 
    // can be any protocol supported by bundled version of libcurl
    // default: unset
    "auth_server_url": "protocol://server/path",

    // set base64 encoded 512bit token verification key, mandatory option
    "secret_key_verify": "key string",

    // set base64 encoded 512bit token signing key
    // "verify key" used if unset
    "secret_key_sign": "key string",
    
    // set control listen port, set -1 to disable
    // default: 13666
    "ctl_port": 13666,

    // set control socket path, set empty to disable
    // default: disabled
    "ctl_socket_path": "",

    // set control server CAfile pointing to file containing CA certificate(s) in PEM format, The file can contain several CA certificates, set empty to disable
    // default: disabled
    "ctl_ssl_cafile": "",

    // set control server CApath pointing to directory containing CA certificates in PEM format, The files each contain one CA certificate.  The files are looked up by the CA subject name hash value, which must hence be available.
    // set empty to disable
    // default: disabled
    "ctl_ssl_capath": "",
    
    // if both "ctl_ssl_cafile" and "ctl_ssl_capath" not set, system store will be used


    // set control server ssl certificate in PEM format, mandatory option
    "ctl_ssl_cert": "/path/to/cert.pem"

    // set control server ssl key in PEM format, madatory option
    "ctl_ssl_key": "/path/to/key.pem"



    // set global session defaults for all backends
    "session": {
        // set maximum session time in sceonds, 0 for no limit
        // default: 0
        "session_time_limit": 0,

        // set session idle timeout in seconds, 0 for no limit
        // default: 0
        "session_idle_timeout": 0
    }
}