Configuration table

local configuration = {
  endpoints = {
    {
      -- TCP port number the server will be listening on.
      listenPort=4841,

      -- Optionally bind to a specific network interface.
      -- The value '*' means listen on all interfaces.
      listenAddress="localhost",

      -- Optionally set Endpoint URL, the URL that will be returned to
      -- clients when they call GetEndpoints. This parameter may differ
      -- from listenAddress. This is usefull when, for example, server
      -- is working behind load balancer (inside Kubernetes or
      -- Docker). In this case, the server will return the DNS name of
      -- the site instead of the host name of the container.
      endpointUrl="opc.tcp://realtimelogic.com:4841",
    }

    -- HTTP based endpoints
    -- opc.http(s):// schemes are defined in OPCUA specfication,
    -- but may not be supported by all clients.
    {
      endpointUrl = "opc.http://localhost:9357/opcua",
    },
    {
      endpointUrl = "opc.https://localhost:9357/opcua",
    },

    -- http(s):// schemes are not defined in OPCUA specification
    -- and can be specified for clients that do not support 'opc.http'
    -- schemes.
    {
      endpointUrl = "http://localhost:9357/opcua",
    },
    {
      endpointUrl = "https://localhost:9357/opcua",
    },
  },


  -- This is a main certificate an key for server.
  -- It uses in endpoint description, during asymmetric encryption
  -- and for signing during session authentication process.
  certificate = "/path/to/server/main.pem",
  key = "/path/to/server/main.key",

  -- List of secire policies can be applied to messages
  -- To disable any policy remove required entry from list
  securePolicies = {
    { -- #1
      -- Unsecure policy.
      -- Use this policy for testing purposes only.
      securityPolicyUri = ua.Types.SecurityPolicy.None,
    },

    { -- #2
      -- Secure policy Basic128Rsa15
      -- Asymmetric:
      -- RSA key size 1024 or 2048 bits.
      -- AES key size 128bit
      securityPolicyUri = ua.Types.SecurityPolicy.Basic128Rsa15,

      -- Secure mode sign and sign-and-encrypt
      -- You can leave only one mode
      securityMode = {
        ua.Types.MessageSecurityMode.Sign,
        ua.Types.MessageSecurityMode.SignAndEncrypt
      },

      -- certificate and private key should be used with secure policy.
      -- 1. Path to files
      -- 2. Content of certificate/key.
      -- if these fields not specified then main certificate will be used.
      certificate = "/path/to/certs/basic128rsa15.pem",
      key =         "/path/to/certs/basic128rsa15.key",
    },
    { -- #3
      -- Secure policy Aes128_Sha256_RsaOaep
      -- Asymmetric:
      -- RSA key size 1024 or 2048 bits.
      -- AES key size 128bit
      securityPolicyUri = ua.Types.SecurityPolicy.Aes128_Sha256_RsaOaep,

      -- Secure mode sign and sign-and-encrypt
      -- You can leave only one mode
      securityMode = {
        ua.Types.MessageSecurityMode.Sign,
        ua.Types.MessageSecurityMode.SignAndEncrypt
      },

      -- certificate and private key should be used with secure policy.
      -- 1. Path to files
      -- 2. Content of certificate/key.
      -- if these fields not specified then main certificate will be used.
      certificate = "/path/to/certs/Aes128_Sha256_RsaOaep.pem",
      key =         "/path/to/certs/Aes128_Sha256_RsaOaep.key",
    }
  },

  -- Size of the buffer used for encoding/decoding messages.
  -- Cannot be less than 8192.
  bufSize = 16384,

  -- Log settings. If all parameters are false, then server will be
  -- working in silent mode without producing logs.
  logging = {
    -- Trace information messages specific to sockets.
    socket = {
      -- Show data sent over sockets. Produces lots of data
      dbgOn = false,
      -- Client connect and disconnect information
      infOn = false,
      -- Socket errors.
      errOn = true
    },
    -- For OPC UA binary protocol experts:
    binary = {
      -- Enable debugging of binary OPC-UA protocol:
      --   * What kind of message received
      --   * Encoding/decoding information
      --   * What services are called
      --   * Tokens refresh process
      dbgOn = false,

      -- Information messages:
      --  * Number of channels created.
      --  * Issued and expired token numbers.
      infOn = true,

      -- Binary protocol errors
      errOn = true
    },

    services = {
      -- Service execution information.
      dbgOn = true,
      -- Service message information.
      infOn = true,
      -- Service errors.
      errOn = true
    }
  }
}