wallich reticulum config

Date: 2026-02-08 Component: meshchat (reticulum)

@KayDub: Meschat config


# This is the default Reticulum config file.
# You should probably edit it to include any additional,
# interfaces and settings you might need.

# Only the most basic options are included in this default
# configuration. To see a more verbose, and much longer,
# configuration example, you can run the command:
# rnsd --exampleconfig


[reticulum]
  
  # If you enable Transport, your system will route traffic
  # for other peers, pass announces and serve path requests.
  # This should only be done for systems that are suited to
  # act as transport nodes, ie. if they are stationary and
  # always-on. This directive is optional and can be removed
  # for brevity.
  
  enable_transport = False
  
  
  # By default, the first program to launch the Reticulum
  # Network Stack will create a shared instance, that other
  # programs can communicate with. Only the shared instance
  # opens all the configured interfaces directly, and other
  # local programs communicate with the shared instance over
  # a local socket. This is completely transparent to the
  # user, and should generally be turned on. This directive
  # is optional and can be removed for brevity.
  
  share_instance = Yes
  
  
  # If you want to run multiple *different* shared instances
  # on the same system, you will need to specify different
  # instance names for each. On platforms supporting domain
  # sockets, this can be done with the instance_name option:
  
  instance_name = default
  discover_interfaces = True
  autoconnect_discovered_interfaces = 3

# Some platforms don't support domain sockets, and if that
# is the case, you can isolate different instances by
# specifying a unique set of ports for each:

# shared_instance_port = 37428
# instance_control_port = 37429


# If you want to explicitly use TCP for shared instance
# communication, instead of domain sockets, this is also
# possible, by using the following option:

# shared_instance_type = tcp


# You can configure Reticulum to panic and forcibly close
# if an unrecoverable interface error occurs, such as the
# hardware device for an interface disappearing. This is
# an optional directive, and can be left out for brevity.
# This behaviour is disabled by default.

# panic_on_interface_error = No


[logging]
  # Valid log levels are 0 through 7:
  #   0: Log only critical information
  #   1: Log errors and lower log levels
  #   2: Log warnings and lower log levels
  #   3: Log notices and lower log levels
  #   4: Log info and lower (this is the default)
  #   5: Verbose logging
  #   6: Debug logging
  #   7: Extreme logging
  
  loglevel = 4


# The interfaces section defines the physical and virtual
# interfaces Reticulum will use to communicate on. This
# section will contain examples for a variety of interface
# types. You can modify these or use them as a basis for
# your own config, or simply remove the unused ones.

[interfaces]
  
  # This interface enables communication with other
  # link-local Reticulum nodes over UDP. It does not
  # need any functional IP infrastructure like routers
  # or DHCP servers, but will require that at least link-
  # local IPv6 is enabled in your operating system, which
  # should be enabled by default in almost any OS. See
  # the Reticulum Manual for more configuration options.
  
  # KMW commented out via one guide
  #  [[Default Interface]]
  #    type = AutoInterface
  #    enabled = Yes
  
  
  ### KMW additions
  
  # TCP/IP interface to ComSec RD node
  # KMW Down 11/20/25
  #  [[RNS COMSECRD]]
  #    type = TCPClientInterface
  #    enabled = yes
  #    target_host = 80.78.23.249
  #    target_port = 4242
  
  # TCP/IP interface to the Dublin Hub
  [[RNS Testnet Dublin]]
    type = TCPClientInterface
    enabled = yes
    target_host = dublin.connect.reticulum.network
    target_port = 4965
    name = RNS Testnet Dublin
    selected_interface_mode = 1
    configured_bitrate = None
  
  # TCP/IP interface to the BetweenTheBorders Hub (community-provided)
  [[RNS Testnet BetweenTheBorders]]
    type = TCPClientInterface
    enabled = yes
    target_host = reticulum.betweentheborders.com
    target_port = 4242
    name = RNS Testnet BetweenTheBorders
    selected_interface_mode = 1
    configured_bitrate = None
  
  # Added from: https://reticulum.network/connect_pl.html
  
  # These are community-provided public Reticulum
  # entrypoints available over the public Internet.
  
  [[Spaceman-ygg]]
    type = TCPClientInterface
    enabled = false
    target_host = 201:e73a:61ee:ca68:4bc5:99d5:fd70:ded1
    target_port = 4343
    name = Spaceman-ygg
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[Sydney RNS]]
    type = TCPClientInterface
    enabled = true
    target_host = sydney.reticulum.au
    target_port = 4242
    name = Sydney RNS
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[dismails TCP Interface]]
    type = TCPClientInterface
    interface_enabled = false
    target_host = rns.dismail.de
    target_port = 7822
    name = dismails TCP Interface
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[interloper node]]
    type = TCPClientInterface
    interface_enabled = true
    target_host = intr.cx
    target_port = 4242
    name = interloper node
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[noDNS1]]
    type = TCPClientInterface
    interface_enabled = true
    target_host = 202.61.243.41
    target_port = 4965
    name = noDNS1
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[The Outpost]]
    type = TCPClientInterface
    interface_enabled = false
    target_host = theoutpost.life
    target_port = 4242
    name = The Outpost
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[Beleth RNS Hub]]
    type = TCPClientInterface
    interface_enabled = true
    target_host = rns.beleth.net
    target_port = 4242
    name = Beleth RNS Hub
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[Rocket Tech Hub]]
    type = TCPClientInterface
    enabled = false
    target_host = reticulum.rocket-tech.net
    target_port = 443
    name = Rocket Tech Hub
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[SparkN0de]]
    type = TCPClientInterface
    interface_enabled = true
    target_host = aspark.uber.space
    target_port = 44860
    name = SparkN0de
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[Tidudanka.com]]
    type = TCPClientInterface
    enabled = false
    target_host = reticulum.tidudanka.com
    target_port = 37500
    name = Tidudanka.com
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[quad4net tcp]]
    type = TCPClientInterface
    enabled = yes
    target_host = rns.quad4.io
    target_port = 4242
    name = quad4net tcp
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[nisa-node]]
    type = TCPClientInterface
    enabled = false
    target_host = nisa.cat
    target_port = 4242
    name = nisa-node
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[acehoss]]
    type = TCPClientInterface
    enabled = yes
    target_host = rns.acehoss.net
    target_port = 4242
    name = acehoss
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[RNS Testnet StoppedCold]]
    type = TCPClientInterface
    enabled = yes
    target_host = rns.stoppedcold.com
    target_port = 4242
    name = RNS Testnet StoppedCold
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[RNS COMSEC-RD]]
    type = TCPClientInterface
    enabled = false
    target_host = 80.78.23.249
    target_port = 4242
    name = RNS COMSEC-RD
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[R-Net TCP]]
    type = TCPClientInterface
    enabled = yes
    target_host = istanbul.reserve.network
    target_port = 9034
    name = R-Net TCP
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[RNS TCP Node Germany 001]]
    type = TCPClientInterface
    enabled = true
    target_host = 202.61.243.41
    target_port = 4965
    name = RNS TCP Node Germany 001
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[RNS TCP Node Germany 002]]
    type = TCPClientInterface
    enabled = true
    target_host = 193.26.158.230
    target_port = 4965
    name = RNS TCP Node Germany 002
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[Quortal TCP Node]]
    type = TCPClientInterface
    enabled = true
    target_host = reticulum.qortal.link
    target_port = 4242
    name = Quortal TCP Node
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[mobilefabrik TCP]]
    type = TCPClientInterface
    enabled = true
    target_host = phantom.mobilefabrik.com
    target_port = 4242
    name = mobilefabrik TCP
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[g00n.cloud Hub]]
    type = TCPClientInterface
    enabled = true
    target_host = dfw.us.g00n.cloud
    target_port = 6969
    name = g00n.cloud Hub
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[RNS_Transport_US-East]]
    type = TCPClientInterface
    interface_enabled = true
    target_host = 45.77.109.86
    target_port = 4965
    name = RNS_Transport_US-East
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[rothbard_RNS_transport_ZA]]
    type = TCPClientInterface
    enabled = false
    target_host = rothbard.lab.networks.deavmi.assigned.network
    target_port = 4242
    name = rothbard_RNS_transport_ZA
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[rothbard_RNS_transport_ZA_ygg]]
    type = TCPClientInterface
    enabled = false
    target_host = 200:73eb:2e4:14be:aac7:90b3:784b:71a3
    target_port = 4242
    name = rothbard_RNS_transport_ZA_ygg
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[RNS Quad4]]
    type = TCPClientInterface
    enabled = yes
    target_host = rns.quad4.io
    target_port = 4242
    name = RNS Quad4
    selected_interface_mode = 1
    configured_bitrate = None
  
  [[RNS Acehoss]]
    type = TCPClientInterface
    enabled = yes
    target_host = rns.acehoss.net
    target_port = 4242
    name = RNS Acehoss
    selected_interface_mode = 1
    configured_bitrate = None
  
  # Ham dude node
  [[reticulum.n7ekb.net]]
    type = TCPClientInterface
    mode = gateway
    enabled = yes
    target_host = reticulum.n7ekb.net
    target_port = 48086
    name = reticulum.n7ekb.net
    selected_interface_mode = 6
    configured_bitrate = None
  
  #I2P Interfaces
  
  [[RNS Oren I2P]]
    type = I2PInterface
    enabled = yes
    peers = q6qth2xl5fisekhvm2lbplprwaof4plkbh4cthjnlj2pck7ahp5q.b32.i2p
    name = RNS Oren I2P
    selected_interface_mode = 1
    storagepath = /home/wallich/.reticulum/storage
    ifac_netname = None
    ifac_netkey = None
  
  [[SparkN0de I2P]]
    type = I2PInterface
    enabled = yes
    peers = ccrlk4gdxkgrqr633b4msujteaf7gnqw5akxjiek5dhoosfmrdka.b32.i2p
    name = SparkN0de I2P
    selected_interface_mode = 1
    storagepath = /home/wallich/.reticulum/storage
    ifac_netname = None
    ifac_netkey = None
  
  [[rothbard_RNS_transport_ZA_i2p]]
    type = I2PInterface
    enabled = yes
    peers = guuahj7pyb6ksmjv2bqrjg4cs2wou6cor3ivsi6crntqbzsxnbna.b32.i2p
    name = rothbard_RNS_transport_ZA_i2p
    selected_interface_mode = 1
    storagepath = /home/wallich/.reticulum/storage
    ifac_netname = None
    ifac_netkey = None
  
  [[4c3ePiNode]]
    type = I2PInterface
    interface_enabled = yes
    peers = re2ct667tpclusj4neu2yz6i2kqp23tnbldbiexiohund2gw2yrq.b32.i2p
    name = 4c3ePiNode
    ifac_size = 0
    selected_interface_mode = 1
    storagepath = /home/wallich/.reticulum/storage
    ifac_netname = None
    ifac_netkey = None

  [[Heltec B707]]
    type = RNodeInterface
    interface_enabled = true
    port = /dev/ttyUSB0
    frequency = 914875000
    bandwidth = 250000
    txpower = 17
    spreadingfactor = 11
    codingrate = 5

Fixing doas: not installed setuid on macOS (MacPorts)

Date: 2026-02-08
Host: macOS (MacPorts prefix: /opt/local)
Component: doas (MacPorts)

My WireGuard client app failed to load profiles because the code path relies on doas for privilege escalation. This fix corrects the macOS (MacPorts) doas installation so the client can elevate properly.

doas: not installed setuid

…and exiting with status 1.

Root Cause

On macOS, MacPorts installs doas without the setuid bit by default.

Because doas is not setuid-root, it cannot elevate privileges. Any command relying on it will immediately fail, including:

Fixing a grafana instance on macOS

Date: 2026-02-08
Host: server (macOS Monterey; Homebrew prefix: /usr/local)
Grafana install: Homebrew (/usr/local/opt/grafana)
Grafana data: /usr/local/var/lib/grafana

Grafana (Homebrew on macOS Monterey) & Password Reset + Boot-Time Startup (No GUI Login)

Summary (what was fixed)

  1. Admin login/password wouldn’t work even after “reset” attempts.
  2. Grafana would run manually, but would not reliably run as a user service via brew services and you needed it to start at boot without any desktop login.
  3. fixed both by:
  • Resetting the password against the actual Brew paths + DB that the running server uses.
  • Replacing the GUI-bound LaunchAgent approach with a system LaunchDaemon at /Library/LaunchDaemons/... that runs at boot as your user.

Caveats

“Password reset succeeded” was misleading because I was hitting the wrong DB

Grafana can be pointed at different data directories. In this setup, the running Brew Grafana server uses:

Test

This is a test page in the bits section.