-
Notifications
You must be signed in to change notification settings - Fork 1k
Config Setup
The config file is one of the most important files for users in the PHP-MPOS project. It can be found in the /public/include/config directory under the name global.inc.dist.php
. In this form the file is inactive and will not affect the site. Until the config file has been activated by changing the name to global.inc.php
the PHP-MPOS project will not load. By activating this file a user can gain access to many powerful tools for changing the settings on all pages of the site.
This is used in the version check to ensure you run the latest version of the configuration file. Once you upgraded your config, change the version here too.
Unless disabled will perform a simple check on your config and display the results for logged in admins.
Enables/Disables Registration with Wallet Address
Debug is the debug level to run the application at, 0 for disabled - 5 for most verbose.
SALT and SALTY are used to hash passwords, so longer is better!
Default Values:
DEBUG = 0
SALT = ''
SALTY = ''
The *_PATH defines are now located in bootstrap.php, in the includes folder.
Underlying coin algorithm that you are mining on. Set this to whatever your coin needs, sha256d, scrypt, scryptn or x11.
Default Values:
algorithm = 'scrypt'
algorithm
- sha256d: Bitcoin and similar ones.
- scrypt: Litecoin and most of the all-coins.
- scryptn: Vertcoin and similar ones.
- x11: Darkcoin and similar ones.
Some Coins have a bad implementation of getbalance
. In Some cases, Coindaemon did not
return Balance with unconfirmed Blocks. If your Coindaemone returns the same values when you run
./coindaemon getbalance
and ./coindaemon getbalance ''
, you have to set
this to false.
$config['getbalancewithunconfirmed'] = true;
A MySQL database backend is required for MPOS. Creating a database is covered in the [Quick Start Guide] (https://github.com/MPOS/php-mpos/wiki/Quick-Start-Guide#wiki-database-setup). Additionally a base database structure is available in sql/000_base_structure.sql
. If a database update is required, MPOS will disable the cronjobs and notify the admins of the website via popup notification. Please run the upgrade/run_upgrades.php
script to migrate your database to the latest version.
Default Values:
host = 'localhost'
port = 3306
user = 'someuser'
pass = 'somepass'
name = 'mpos'
host
- location for the database, generally on the same server as the site port
port
- which port accesses the database if hosted externally
user
- database user name
pass
- database user password
name
- name of the database used for the project, needs to match the name of the database created
shared
- this is a special variable that will allow advanced users to setup a Single Sign On setup for MPOS
MPOS uses the RPC backend to fetch transactions, blocks and various other things. They need to match your coind RPC configuration.
Default Values:
type = 'http'
host = 'localhost:19334'
username = 'testnet'
password = 'testnet'
type
- RPC connection type
host
- RPC host
username
- RPC username
password
- RPC password
You can configure how MPOS is sending mail via Swiftmailer here. Please be aware that we recommend running a local MTA as relay to your actual mail provider. Using SMTP will add the connection overhead when sending mail, that may result in very long runtimes when sending a lot of mails out.
SMTP can still be used. Please configure it using the smtp options in this configuration block. For newsletters, we added the option to enable throttle mode, which will only send 100 message per minute! Use an MTA if you have a large volume of users!
Default Values:
type = sendmail
sendmail path = /usr/sbin/sendmail
sendmail options = -bs
smtp host = your.mail-relay.com
smtp port = 587
smtp encryption = tls
smtp username = ''
smtp password = ''
smtp throttle = 100
This is displayed on GettingStarted Page to make it more dynamic
Default Values:
coinname = 'Litecoin'
coinurl = 'http://www.litecoin.org'
stratumurl = ''
stratumport = '3333'
coinname
- The name of the coin this MPOS install is for
coinurl
- URL for more information about this coin
stratumurl
- URL used in getting started page for stratum
stratumport
- Port used in getting started page for stratum
MPOS will try to fetch the current exchange rates from this API URL/target. Currently btc-e and coinchoose are supported in MPOS. If you want to remove the trade header just set currency to an empty string.
Default Values:
btc-e.com
url = `https://btc-e.com`
target = `/api/2/ltc_usd/ticker`
currency = `USD`
coinchoose.com
url = `http://www.coinchoose.com`
target = `/api.php`
currency = `BTC`
cryptsy.com
url = `http://pubapi.cryptsy.com`
currency = `BTC`
target = `/api.php?method=singlemarketdata&marketid={MARKET_ID}`
cryptorush.in
url = `https://cryptorush.in`
currency = `BTC`
target = `/api.php?get=market&m={YOUR_COIN}&b={TARGET_COIN}&key={YOUR_API_KEY}&id={YOUR_ID}`
cryptopia.co.nz
url = `https://www.cryptopia.co.nz`
currenty = `BTC`
target = `/api/GetMarket/{MARKET_ID}`
mintpal.com
url = `https://api.mintpal.com`
currency = `BTC`
target = `/market/stats/LTC/BTC`
bittrex.com
url = `https://bittrex.com`
currency = `BTC`
target = `/api/v1.1/public/getticker?market=BTC-{YOUR_COIN}`
These values define the min and max settings that can be entered by a user.
Default Values:
min = 1
max = 250
min
- Minimum amount a user can request automatic payout at
max
- Maximum amount a user can request automatic payout for
These value defines the min manual payout that can be entered by a user.
Default Values:
1
These value defines the max payout that can be entered by a user. This should be set to the value, Coin Daemon can handle as max for one Transaction to a single user.
Default Values:
20000
You can define a min and max values for you users donation settings here.
Default Values:
min = 1
min
- Cap the minimum donation amount at this
Invitations will allow your users to invite new members to join the pool. After sending a mail to the invited user, they can register using the token created. Invitations can be enabled and disabled through the admin panel. Sent invitations are listed on the account invitations page.
Default Values:
count = 5
count
- Maximum invitations a user is able to send
Shorthand name for currency used by this pool
Default Values:
currency = 'LTC'
currency
- Shorthand name for the currency used
Target time for coins to be generated
Fastcoin: 12 seconds Litecoin: 2,5 minutes = 150 seconds Feathercoin: 2,5 minutes = 150 seconds Bitcoin: 10 minutes = 600 seconds
Default Values:
cointarget = 150
Amount of Blocks until Difficulty change
Fastcoin: 300 Blocks Litecoin: 2016 Blocks Bitcoin: 2016 Blocks
Default Values:
coindiffchangetarget = 2016
cointarget
- Time in seconds for coins to be generated for this coin
The coin daemon applies transaction fees to young coins. Since we are unable to find out what the exact fee was we set a default value here which is applied to both manual and auto payouts. If this is not set, no fee is applied in the transactions history but the user might still see them when the coins arrive. You can set two different transaction fees for manual and auto payouts.
Default Values:
txfee_auto = 0.1
txfee_manual = 0.1
txfee_auto
- Setting for auto payout TX fee
txfee_manual
- Setting for auto payout TX fee
Payout a block bonus to block finders, this bonus is paid by the pool operator, it is not deducted from the block payout! 0 = disabled
Default Values:
block_bonus = 0
block_bonus
- This bonus is paid by the pool operator, not from the block!
Payout a general bonus to all your miners. By default, this is based on their payouts and will pay out an additional percentage to their income. This will be covered from your liquid assets! As a payout time, you can either chose payout or block. Block will payout the same percentage based on the block value to all miners! So setting this to 1% on a 50 block reward pays 5 coins per user from your liquid assets! Payout based bonuses only pay a bonus total to the block values percentage.
Default Values:
pool_bonus = 0
pool_bonus_type = payout
This will modify some templates and activate the appropriate crons. Only ONE payout system at a time is supported!
prop: Proportional payout system
pps : Pay Per Share payout system
pplns : Pay Per Last N Shares payout system
Default Values:
payout_system = 'prop'
payout_system
- The payout system chosen, prop pps or pplns
By default we try to detect sendmany
in the RPC but disable the use of it. If you are sure that your RPC does support sendmany
properly, you can enable it here and speed up your payouts significantly.
sendmany enabled : Enable/Disable sendmany support.
Default Values:
sendmany enabled = false
We are only running a certain amount of payouts per run to not overload the RPC with transactions per run. You can set a limit for manual and auto-payouts.
You can also enable our own getrealbalance
RPC wrapper that will try to get an accurate display of your wallets balance for those coins that require to pay from the default wallet. Symptoms that you may need this includes payout runs bailing with error 500 from the RPC but payments did indeed succeed. Try enabling the getrealbalance
option and see if your payouts run smoother. Most coins won't need this.
Default Values:
txlimit_manual = 500
txlimit_auto = 500
getrealbalance = false
As soon as a round is finished, shares of that rate are archived (see below) and deleted from the shares
table. Due to a large amount of shares in a single round, this can take a very long time. To reduce server load and allow other systems to access the DB during this high-load time, the DELETE calls are being limited to a number of rows. Then the process sleeps and continues to delete shares until all shares have been purged.
You can adjust some purging settings here in order to improve your overall site performance during round ends. Keep in mind that decreasing shares/time will make the cron run longer but at least keeps your site active. Vice versa higher numbers allow for a faster deletion but might affect the live site. This system is also used when purging archived shares.
Default Values:
sleep = 1
shares = 25000
sleep
- Time to sleep between delete calls
shares
- How many shares to delete at one time
By default, we don't need to archive for a long time. PPLNS and Hashrate calculations rely on this archive, but all shares past a certain point can safely be deleted.
To ensure we have enough shares on stack for PPLNS, this is set to the past 10 rounds. Even with lucky ones in between those should fit the PPLNS target. On top of that, even if we have more than 10 rounds, we still keep the last maxage shares to ensure we can calculate hashrates. Both conditions need to be met in order for shares to be purged from archive.
Proportional mode will only keep the past 24 hours. These are required for hashrate calculations to work past a round, hence 24 hours was selected as the default. You may want to increase the time for debugging, then add any integer reflecting minutes of shares to keep.
Default Values:
maxrounds = 10
maxage = 60 * 24 (24h)
maxrounds
- PPLNS, keep shares for maxrounds
maxage
- PROP and PPLNS, delete shares older than maxage minutes
Fees applied to users in percent, disabled = 0
Default Values:
fees = 0
PPLNS can run on two different payouts: fixed
and blockavg
. Each one defines a different PPLNS target.
Fixed means we will be looking at the shares setup in the default setting. There is no automatic adjustments to the PPLNS target, all users will be paid out proportionally to that target.
Blockavg will look at the last blockcount blocks shares and take the average as the PPLNS target. This will be automatically adjusted when difficulty changes and more blocks are available. This keeps the target dynamic but still traceable.
If you use the fixed type it will use $config['pplns']['shares']['default'] for target calculations, if you use blockavg type it will use $config['pplns']['blockavg']['blockcount'] blocks average for target calculations.
default : Default target shares for PPLNS
type : Payout type used in PPLNS
blockcount : Amount of blocks to check for avg shares
Available Options:
default : amount of shares, integeger
type : blockavg or fixed
blockcount : amount of blocks, any integer
Default Values:
default = 4000000
type = 'blockavg'
blockcount = 10
For pushpoold, see the FAQ
Proportional + PPLNS Payout System
When running a pool on fixed mode, each block will be paid out as defined in reward
. If you wish to pass transaction fees inside discovered blocks on to user, set this to block
. This is really helpful for altcoins with dynamic block values!
PPS Payout System
If set to fixed
, all PPS values are based on the reward
setting. If you set it to block
you will calculate the current round based on the previous block value. The idea is to pass the block of the last round on to the users. If no previous block is found, PPS value will fall back to the fixed value set in reward
. Ensure you don't overpay users in the first round!
Default Values:
reward_type = 'block'
reward = 50
Available Values:
reward_type:
fixed : Fixed value according to `reward` setting
block : Dynamic value based on block amount
blockavg : Dynamic values based on average of last N blocks
reward:
float value : Any value of your choice but should reflect base block values
blockavg blockcount :
integer value : Amount of N blocks to use for block average rewards
Confirmations per block required to credit transactions to users, default: 120 Do NOT touch this unless you know what you are doing! Please check your coin for the appropriate value here, but most should work with this.
If you set this wrong, you may confirm a users MPOS transaction for a block before the actual block found with that transaction has confirmed and added to your wallet balance. You may pay out orphaned blocks to users if this is not set properly.
Default Values:
confirmations = 120
confirmations
- Number of confirmations per block required to credit transactions
Confirmations per block required in network to confirm its block value in your wallet, default: 120 Do NOT touch this unless you know what you are doing! Please check your coin for the appropriate value here, but most should work with this.
Usually, you should keep both confirmations and network_confirmations at the same setting to not cause any payout issues in your pool!
Default Values:
network_confirmations = 120
network_confirmations
- Number of confirmations in network to confirm transactions
Pay per share settings
Default Values:
pps_reward_type = `fixed` default $config['pps']['reward']['default']
reward = 50
Available Options:
reward_type:
fixed : Fixed value according to `reward` setting
blockavg : Dynamic value based on average of x number of block rewards
block : Dynamic value based on LAST block amount
reward:
float value : Any value of your choice but should reflect base block values
blockcount : amount of blocks to average, any integer
After disabling memcache, installation of memcache is not required. Please note that a memcache is greatly increasing performance when combined with the statistics.php
cronjob. Disabling this is not recommended in a live environment!
Default Values:
enabled = true
host = 'localhost'
port = 11211
keyprefix = 'mpos_'
expiration = 90
splay = 15
force contrib_shares = false
enabled
- Disable (false) memcache for debugging or enable (true) it
host
- Host IP or hostname
port
- memcache port
keyprefix
- Must be changed for multiple MPOS instances on one host
expiration
- Default expiration time in seconds of all cached keys. Increase if caches expire too fast.
splay
- Default randomizer for expiration times. This will spread expired keys across
splay
seconds.
force.contrib_shares
- Enforce using caches will cause Top 15 Contributor Shares to NOT fall back to SQL. Useful on high hashrate pools (>3 GHash).
You can configure the cookie behaviour to secure your cookies more than the PHP defaults. For multiple installations of MPOS on the same domain you must change the cookie path.
Default Values:
duration = '1440'
domain = ''
path = '/'
httponly = true
secure = false
duration the amount of time, in seconds, that a cookie should persist in the users browser. 0 = until closed; 1440 = 24 minutes. Check your php.ini 'session.gc_maxlifetime' value and ensure that it is at least the duration specified here.
domain
- the only domain name that may access this cookie in the browser
path
- the highest path on the domain that can access this cookie; i.e. if running two pools from a single domain you might set the path /ltc/ and /ftc/ to separate user session cookies between the two.
httponly
- marks the cookie as accessible only through the HTTP protocol. The cookie can't be accessed by scripting languages, such as JavaScript. This can help to reduce identity theft through XSS attacks in most browsers.
secure
- marks the cookie as accessible only through the HTTPS protocol. If you have a SSL certificate installed on your domain name then this will stop a user accidentally accessing the site over a HTTP connection, without SSL, exposing their session cookie.
Smarty implements a file based cache for all HTML output generated from dynamic scripts. It can be enabled to cache the HTML data on disk, future request are served from those cache files.
This may or may not work as expected, in general Memcache is used to cache all data so rendering the page should not take too long anyway.
You can test this out and enable (1) this setting but it's not guaranteed to work with MPOS.
Ensure that the folder templates/cache
is writeable by the web server!
0 = disabled
Default Values:
cache = 0
cache_lifetime = 30
cache
- Use Smarty Caching
cache_lifetime
- Length in seconds to keep files in cache
This will disable loading of some API calls in case the system loads exceeds the defined max setting. Useful to temporarily suspend live statistics on a server that is too busy to deal with requests.
Default Values:
max = 10.0
max
- Float, maximum system load
If you have your MySQL on a different server and/or use Master/Slave setup:
Setup a simple apache+php service on the database server, and put the file scripts/loadavg.php on the documentroot.
Check the config file for the following parameters:
$config['system']['load']['remote'] = false;
$config['system']['load']['remote_url'] = "http://sqlhost/loadavg.php";
By default, we will use the security settings from the dist config
If you want to apply your own settings you should create a new copy of the security dist config without the 'dist,' as it will override the values automatically.
Because bots/angry users can just fire away at pages or f5 us to death, we can attempt to rate limit requests using Nemcache.
Default Values:
enabled = true
protect_ajax = true
ajax_hits_additive = false
flush_seconds_api = 60
rate_limit_api = 20
flush_seconds_site = 60
rate_limit_site = 30
ignore_admins = true
error_push_page = array('page' => 'error', 'action' => 'ratelimit');
enabled
- Whether or not we will try to rate limit requests
protect_ajax
- If enabled, we will also watch the ajax calls for rate limiting and kill bad requests
ajax_hits_additive
- If enabled, ajax hits will count towards the site counter as well as the ajax counter
flush_seconds_api
- Number of seconds between each flush of user/ajax counter
rate_limit_api
- Number of api requests allowed per flush_seconds_api
flush_seconds_site
- Number of seconds between each flush of user/site counter
rate_limit_site
- Number of site requests allowed per flush_seconds_site
ignore_admins
- Ignores the rate limit for admins
error_push_page
- Page/action array to push users to a specific page, look in the URL! Empty = 'You are sending too many requests too fast!' on a blank page
To help protect against CSRF, we can generate a hash that changes every minute and is unique for each user/IP and page or use, and check against that when a form is submitted.
Default Values:
enabled = true
enabled
- Whether or not to generate and check for valid CSRF Tokens
To increase security for users, account detail changes can require an e-mail confirmation prior to performing certain actions.
Default Values:
enabled = true
details = true
withdraw = true
changepw = true
enabled
- Whether or not to require e-mail confirmations
details
- Require confirmation to change account details
withdraw
- Require confirmation to manually withdraw/payout
changepw
- Require confirmation to change password
To avoid accounts being hacked by brute force attacks, set a maximum amount of failed login or pin entry attempts before locking the account. They will need to contact site support to re-enable the account.
login = 3
pin = 3
login
- Number of attempts invalid login attempts before locking
pin
- Number of invalid pin attempts before locking
-
- installation of Redis requires TCL 8.5 or newer TCL Download Page