X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;ds=inline;f=man%2Fsystemd-socket-proxyd.xml;h=4aef6200514e5809fa2bb811926f6f2093cc8941;hb=63966da86d8e71b1f3f2b57d5448770d526421f9;hp=9d8822bbd294c787edcc43ff4afcb7cc39dbed02;hpb=2af29c881ae910da2d0ea2cceed5bb27355bb7d2;p=elogind.git
diff --git a/man/systemd-socket-proxyd.xml b/man/systemd-socket-proxyd.xml
index 9d8822bbd..4aef62005 100644
--- a/man/systemd-socket-proxyd.xml
+++ b/man/systemd-socket-proxyd.xml
@@ -31,17 +31,11 @@
Straussdavid@davidstrauss.net
-
- Developer
- Lennart
- Poettering
- lennart@poettering.net
- systemd-socket-proxyd
- 1
+ 8systemd-socket-proxyd
@@ -65,7 +59,7 @@
systemd-socket-proxyd is a generic
socket-activated network socket forwarder proxy daemon
- for IPV4, IPv6 and UNIX stream sockets. It may be used
+ for IPv4, IPv6 and UNIX stream sockets. It may be used
to bi-directionally forward traffic from a local listening socket to a
local or remote destination socket.
@@ -89,17 +83,6 @@
OptionsThe following options are understood:
-
-
-
-
- Restricts listening to a
- single inherited socket, specified
- as a file descriptor. By default,
- the proxy listens on all inherited
- sockets.
-
-
@@ -125,11 +108,11 @@
Examples
- Direct-Use Example
+ Simple ExampleUse two services with a dependency
and no namespace isolation.
-
- /etc/systemd/system/proxy-to-nginx.socket
+
+ proxy-to-nginx.socket
-
- /etc/systemd/system/proxy-to-nginx.service
+
+ proxy-to-nginx.service
+ExecStart=/usr/lib/systemd/systemd-socket-proxyd /tmp/nginx.sock
+PrivateTmp=yes
+PrivateNetwork=yes]]>
-
- /etc/nginx/nginx.conf
+
+ nginx.conf
-
+
+ Enabling the proxy
- Indirect-Use Example
- Use a shell script to isolate the
- service and proxy into the same namespace.
- This is particularly useful for running
- TCP-only daemons without the daemon
- affecting ports on regular
- interfaces.
-
-
-
- /etc/systemd/system/proxy-with-nginx.socket
+ Namespace Example
+ Similar as above, but runs the socket
+ proxy and the main service in the same private
+ namespace, assuming that
+ nginx.service has
+ PrivateTmp= and
+ PrivateNetwork= set,
+ too.
+
+ proxy-to-nginx.socket
-
-
-
- /etc/systemd/system/proxy-with-nginx.service
+
+ proxy-to-nginx.service
-
-
-
-
- /usr/bin/socket-proxyd-nginx.sh
-
-
+ExecStart=/usr/lib/systemd/systemd-socket-proxyd 127.0.0.1:8080
+PrivateTmp=yes
+PrivateNetwork=yes]]>
- Make it executable:
-
-
-
-
-
- /etc/nginx/nginx.conf
+
+ nginx.conf
-
+
+ Enabling the proxy
-
-
-
-
-
-
- Multiple Listeners with Multiple Destinations
- When using namespaces, it may be useful to
- have multiple listeners with each going to a unique
- destination. systemd always passes sockets into
- services in the order specified in the socket
- unit, beginning with file descriptor 3.
- In this example, port 80
- will proxy to localhost:8080,
- and port 443 will proxy to
- localhost:8443.
-
- /etc/systemd/system/multi-destination.socket
-
-
-
-
-
- /etc/systemd/system/multi-destination.service
-
-
-
-
-
-
-
- /usr/bin/socket-proxyd-multi-destination.sh
-
-
-
- Make it executable:
-
-
-
-
-
-
-
-
@@ -304,7 +212,9 @@ $ curl https://localhost/]]>
systemd.socket5,
systemd.service5,
systemctl1,
- socat1
+ socat1,
+ nginx1,
+ curl1