# SSLH Multiplex Lab Configuration File # # Copy this file to ~/.sslh-lab/config.yaml and fill in your actual values. # Alternatively, you can use environment variables (prefixed with SSLH_) or CLI flags. # Priority: CLI flags > Environment variables > Config file > Defaults # # Required fields: # - hetzner_key: Your Hetzner Cloud API token (read/write permissions required) # - namecheap_key: Your Namecheap API key # - namecheap_user: Your Namecheap account username # - domain: Domain name registered with Namecheap # # Optional fields: # - region: Hetzner region (default: nbg1) # - server_type: Hetzner server type (default: cpx22) # - letsencrypt_email: Email for Let's Encrypt certificate registration # - config_dir: Configuration directory (default: ~/.sslh-lab) # Hetzner Cloud API Configuration # Get your API token from: https://console.hetzner.cloud/ → Security → API Tokens # Must have read/write permissions to create, manage, and delete servers hetzner_key: "your-hetzner-cloud-api-token-here" # Namecheap API Configuration # Get your API key from: Namecheap account → Profile → Tools → Business & Dev Tools → Namecheap API Access # Enable API access and generate an API key # Your IP address must be whitelisted in Namecheap API settings namecheap_key: "your-namecheap-api-key-here" namecheap_user: "your-namecheap-username" # Domain Configuration # Must be a domain registered with Namecheap and present in your account # The tool will automatically switch the domain to Namecheap DNS servers if needed domain: "example.com" # Hetzner Server Configuration # Region options: nbg1 (Nuremberg), fsn1 (Falkenstein), hel1 (Helsinki), ash (Ashburn), hil (Hillsboro) # See: https://docs.hetzner.com/cloud/general/regions/ region: "nbg1" # Server type options: cpx11, cpx21, cpx22, cpx31, cpx41, cpx51, etc. # See: https://www.hetzner.com/cloud # Default: cpx22 (2 vCPU, 4 GB RAM, 80 GB SSD) server_type: "cpx22" # Let's Encrypt Certificate Configuration (Optional) # If provided, automatically provisions TLS certificates for the domain and all subdomains # Uses DNS-01 challenge via Namecheap API # Certificates are automatically revoked on teardown (if > 7 days until expiry) # Reuses existing valid certificates (> 30 days remaining) to respect rate limits letsencrypt_email: "your-email@example.com" # Configuration Directory (Optional) # Default: ~/.sslh-lab # This is where deployment data, SSH keys, and certificates are stored # config_dir: "~/.sslh-lab"