Fossil SCM
Update the server documentation to show an example stunnel4 configuration.
Commit
bd6dac51d1446c307395530a4c7ad9c1937d1fde
Parent
7557c3e03f74be4…
1 file changed
+13
-1
+13
-1
| --- www/server.wiki | ||
| +++ www/server.wiki | ||
| @@ -102,11 +102,23 @@ | ||
| 102 | 102 | [http://www.stunnel.org/ | Stunnel version 4] is an inetd-like process that |
| 103 | 103 | accepts and decodes SSL-encrypted connections. Fossil can be run directly from |
| 104 | 104 | stunnel in a mannar similar to inetd and xinetd. This can be used to provide |
| 105 | 105 | a secure link to a Fossil project. The configuration needed to get stunnel4 |
| 106 | 106 | to invoke Fossil is very similar to the inetd and xinetd examples shown above. |
| 107 | -See the stunnel4 documentation for details. | |
| 107 | +The relevant parts of an stunnel configuration might look something | |
| 108 | +like the following: | |
| 109 | +<blockquote><pre><nowiki> | |
| 110 | +[https] | |
| 111 | +accept = www.ubercool-project.org:443 | |
| 112 | +TIMEOUTclose = 0 | |
| 113 | +exec = /usr/bin/fossil | |
| 114 | +execargs = /usr/bin/fossil http /home/fossil/ubercool.fossil --https | |
| 115 | +</nowiki></pre></blockquote> | |
| 116 | +See the stunnel4 documentation for further details bout the /etc/stunnel/stunnel.conf | |
| 117 | +configuration file. Note that the [fossil http] command should include the --https | |
| 118 | +option to let Fossil know to use "https" instead of "http" as the scheme on generated | |
| 119 | +hyperlinks. | |
| 108 | 120 | <p> |
| 109 | 121 | Using inetd or xinetd or stunnel is a more complex setup |
| 110 | 122 | than the "standalone" server, but it has the |
| 111 | 123 | advantage of only using system resources when an actual connection is |
| 112 | 124 | attempted. If no-one ever connects to that port, a Fossil server will |
| 113 | 125 |
| --- www/server.wiki | |
| +++ www/server.wiki | |
| @@ -102,11 +102,23 @@ | |
| 102 | [http://www.stunnel.org/ | Stunnel version 4] is an inetd-like process that |
| 103 | accepts and decodes SSL-encrypted connections. Fossil can be run directly from |
| 104 | stunnel in a mannar similar to inetd and xinetd. This can be used to provide |
| 105 | a secure link to a Fossil project. The configuration needed to get stunnel4 |
| 106 | to invoke Fossil is very similar to the inetd and xinetd examples shown above. |
| 107 | See the stunnel4 documentation for details. |
| 108 | <p> |
| 109 | Using inetd or xinetd or stunnel is a more complex setup |
| 110 | than the "standalone" server, but it has the |
| 111 | advantage of only using system resources when an actual connection is |
| 112 | attempted. If no-one ever connects to that port, a Fossil server will |
| 113 |
| --- www/server.wiki | |
| +++ www/server.wiki | |
| @@ -102,11 +102,23 @@ | |
| 102 | [http://www.stunnel.org/ | Stunnel version 4] is an inetd-like process that |
| 103 | accepts and decodes SSL-encrypted connections. Fossil can be run directly from |
| 104 | stunnel in a mannar similar to inetd and xinetd. This can be used to provide |
| 105 | a secure link to a Fossil project. The configuration needed to get stunnel4 |
| 106 | to invoke Fossil is very similar to the inetd and xinetd examples shown above. |
| 107 | The relevant parts of an stunnel configuration might look something |
| 108 | like the following: |
| 109 | <blockquote><pre><nowiki> |
| 110 | [https] |
| 111 | accept = www.ubercool-project.org:443 |
| 112 | TIMEOUTclose = 0 |
| 113 | exec = /usr/bin/fossil |
| 114 | execargs = /usr/bin/fossil http /home/fossil/ubercool.fossil --https |
| 115 | </nowiki></pre></blockquote> |
| 116 | See the stunnel4 documentation for further details bout the /etc/stunnel/stunnel.conf |
| 117 | configuration file. Note that the [fossil http] command should include the --https |
| 118 | option to let Fossil know to use "https" instead of "http" as the scheme on generated |
| 119 | hyperlinks. |
| 120 | <p> |
| 121 | Using inetd or xinetd or stunnel is a more complex setup |
| 122 | than the "standalone" server, but it has the |
| 123 | advantage of only using system resources when an actual connection is |
| 124 | attempted. If no-one ever connects to that port, a Fossil server will |
| 125 |