Configuration

One config file: /etc/romp/romp.json. Every option is overridable by an environment variable. The file is re-read on otter restart.

romp.json

{
  "apiKey": "rk_live_…",
  "bind": "127.0.0.1",
  "ports": {
    "red": 4000,    "blue": 4100,    "yellow": 4200,
    "black": 4300,  "white": 4400,   "grey": 4500,
    "green": 4700,  "orange": 4800,  "guard": 4010
  },
  "demo": {
    "enabled": false,
    "redactionString": "[PROPRIETARY]"
  },
  "ai": {
    "model": "deepseek-r1-distill-qwen-1.5b",
    "ollama": "http://127.0.0.1:11434",
    "flashAttn": false
  },
  "alerts": {
    "store": "/var/lib/romp/alerts.db",
    "retentionDays": 30
  },
  "scope": {
    "allowedDomains": [],
    "blockedDomains": []
  }
}

Environment overrides

Variable                     Effect
ROMP_API_KEY                 Override apiKey.
ROMP_BIND                    Override bind. Set to 0.0.0.0 to expose externally — read the AUP first.
ROMP_DEMO_MODE               1 = enable redaction. Defensive otters never redact.
ROMP_ALLOW_PRIVATE_TARGETS   1 = permit RFC1918 / loopback scan targets. Cloud-metadata stays blocked.
ROMP_LICENSE_PATH            Path to license JSON. Default /opt/romp/.license.json.
ROMP_LOG_LEVEL               error · warn · info (default) · debug.

License file

Romp ships an Ed25519 public key at /opt/romp/.license-public.pem. License JSONs are signed on our server. Verifier is offline — no phone-home, no DRM check.

{
  "tier": "pro",
  "issuedTo": "you@example.com",
  "issuedAt": "2026-05-03T22:46:39Z",
  "expiresAt": "2027-05-03T22:46:39Z",
  "signature": "base64-ed25519-…"
}

Tampered license = signature fails verification = otter refuses to start. Lost license = email gerald@domainless.fun for a re-issue.

Demo mode

Set demo.enabled: true when showing Romp to customers or on streams. Demo mode wraps every Red / Black / Blue response and replaces target hostnames, IPs, and identifying paths with [PROPRIETARY]. Counts, grades, and severity scoring all survive; only the identifying strings get scrubbed. Grey, Green, and Orange are never redacted because they target your own host.

Scope guards

scope.allowedDomains and scope.blockedDomains are enforced before any active probe runs. Use them when you're scanning bug-bounty programs to stop yourself from accidentally hitting an out-of-scope asset.

{
  "scope": {
    "allowedDomains": ["*.target.com", "api.target.com"],
    "blockedDomains": ["legacy.target.com"]
  }
}
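
One way to implement this kind of pre-probe check, as an added example that is not Romp's own code. It assumes blockedDomains wins over allowedDomains, an empty allowedDomains list means no allowlist, *.target.com does not match the apex target.com, and allow_private mirrors ROMP_ALLOW_PRIVATE_TARGETS. The function names and the metadata range are hypothetical choices for illustration.

```python
import ipaddress

# Assumption: cloud metadata endpoints live in IPv4 link-local space (169.254.169.254).
METADATA_NET = ipaddress.ip_network("169.254.0.0/16")

# Constructed sample, same shape as the "scope" block in romp.json.
SAMPLE_SCOPE = {
    "allowedDomains": ["*.target.com", "api.target.com"],
    "blockedDomains": ["legacy.target.com"],
}


def matches(host, pattern):
    """'*.x.com' matches subdomains of x.com only; any other pattern must match exactly."""
    pattern = pattern.lower().rstrip(".")
    if pattern.startswith("*."):
        suffix = pattern[1:]  # keep the leading dot so 'eviltarget.com' cannot match
        return host.endswith(suffix) and len(host) > len(suffix)
    return host == pattern


def in_scope(target, scope, allow_private=False):
    """Return (allowed, reason) for a hostname or IP literal, before any probe is sent."""
    host = target.strip().lower().rstrip(".")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None  # not an IP literal, treat as a hostname
    if ip is not None:
        if ip in METADATA_NET:
            return False, "cloud-metadata address"  # never unlocked by allow_private
        if (ip.is_private or ip.is_loopback) and not allow_private:
            return False, "private or loopback address"
    if any(matches(host, p) for p in scope.get("blockedDomains", [])):
        return False, "blockedDomains"
    allowed = scope.get("allowedDomains", [])
    if allowed and not any(matches(host, p) for p in allowed):
        return False, "not in allowedDomains"  # assumption: empty list means no allowlist
    return True, "in scope"


if __name__ == "__main__":
    for t in ["api.target.com", "legacy.target.com", "eviltarget.com", "169.254.169.254"]:
        print(t, in_scope(t, SAMPLE_SCOPE))
```

This check matches by name only; a guard that resolves hostnames has to re-check every resolved address against the same private and metadata rules.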

AI / Ollama

Set ai.ollama to your local Ollama instance. ai.flashAttn defaults to false — Ollama + Maxwell-class GPUs (GTX 970) crash on flash-attention with models >1.5B. Leave it off unless you're on a newer card.

Where things live

Path                            What
/opt/romp/                      Install root.
/etc/romp/romp.json             Config.
/etc/romp/env                   Environment overrides loaded by systemd.
/var/lib/romp/                  Persistent state — alerts DB, baselines.
/var/log/romp/                  Per-otter rotating logs.
/opt/romp/.license.json         License JSON.
/opt/romp/.license-public.pem   Ed25519 verifier key.