X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=man%2Fsystemd-socket-proxyd.xml;h=4aef6200514e5809fa2bb811926f6f2093cc8941;hp=9f2389a04c6d27a40e4efb5dc4aa813123ab1bd3;hb=99f098257f5e4135609edc3df965ebf27975df18;hpb=19aadacf92ad86967ffb678e37b2ff9e83cb9480
diff --git a/man/systemd-socket-proxyd.xml b/man/systemd-socket-proxyd.xml
index 9f2389a04..4aef62005 100644
--- a/man/systemd-socket-proxyd.xml
+++ b/man/systemd-socket-proxyd.xml
@@ -35,23 +35,21 @@
systemd-socket-proxyd
- 1
+ 8systemd-socket-proxyd
- Inherit a socket. Bidirectionally
- proxy.
+ Bidirectionally proxy local sockets to another (possibly remote) socket.systemd-socket-proxyd
- OPTIONS
- HOSTNAME-OR-IPADDR
- PORT-OR-SERVICE
+ OPTIONS
+ HOST:PORTsystemd-socket-proxyd
- OPTIONS
+ OPTIONSUNIX-DOMAIN-SOCKET-PATH
@@ -59,13 +57,20 @@
Description
- systemd-socket-proxyd provides a proxy
- to socket-activate services that do not yet support
- native socket activation. On behalf of the daemon,
- the proxy inherits the socket from systemd, accepts
- each client connection, opens a connection to the server
- for each client, and then bidirectionally forwards
- data between the two.
+ systemd-socket-proxyd is a generic
+ socket-activated network socket forwarder proxy daemon
+ for IPv4, IPv6 and UNIX stream sockets. It may be used
+ to bi-directionally forward traffic from a local listening socket to a
+ local or remote destination socket.
+
+ One use of this tool is to provide
+ socket activation support for services that do not
+ natively support socket activation. On behalf of the
+ service to activate, the proxy inherits the socket
+ from systemd, accepts each client connection, opens a
+ connection to a configured server for each client, and
+ then bidirectionally forwards data between the
+ two.This utility's behavior is similar to
socat1.
The main differences for systemd-socket-proxyd
@@ -93,19 +98,6 @@
string and exits.
-
-
-
- Skips verification of
- the expected PID and file
- descriptor numbers. Use this if
- invoked indirectly, for
- example, with a shell script
- rather than with
-
-
-
-
@@ -116,11 +108,11 @@
Examples
- Direct-Use Example
+ Simple ExampleUse two services with a dependency
and no namespace isolation.
-
- /etc/systemd/system/proxy-to-nginx.socket
+
+ proxy-to-nginx.socket
-
- /etc/systemd/system/proxy-to-nginx.service
+
+ proxy-to-nginx.service
+ExecStart=/usr/lib/systemd/systemd-socket-proxyd /tmp/nginx.sock
+PrivateTmp=yes
+PrivateNetwork=yes]]>
-
- /etc/nginx/nginx.conf
+
+ nginx.conf
-
+
+ Enabling the proxy
-
- Indirect-Use Example
- Use a shell script to isolate the
- service and proxy into the same namespace.
- This is particularly useful for running
- TCP-only daemons without the daemon
- affecting ports on regular
- interfaces.
-
-
-
- /etc/systemd/system/proxy-with-nginx.socket
+ Namespace Example
+ Similar as above, but runs the socket
+ proxy and the main service in the same private
+ namespace, assuming that
+ nginx.service has
+ PrivateTmp= and
+ PrivateNetwork= set,
+ too.
+
+ proxy-to-nginx.socket
-
-
-
- /etc/systemd/system/proxy-with-nginx.service
+
+ proxy-to-nginx.service
-
-
-
-
- /usr/bin/socket-proxyd-nginx.sh
-
-
+ExecStart=/usr/lib/systemd/systemd-socket-proxyd 127.0.0.1:8080
+PrivateTmp=yes
+PrivateNetwork=yes]]>
-
-
- /etc/nginx/nginx.conf
+
+ nginx.conf
-
+
+ Enabling the proxy
-
@@ -232,23 +208,13 @@ $ curl http://localhost:80/]]>
See Also
-
-
- systemd.service
- 5
- ,
-
-
- systemd.socket
- 5
- ,
-
- systemctl
- 1
- ,
-
- socat
- 1
-
+ systemd1,
+ systemd.socket5,
+ systemd.service5,
+ systemctl1,
+ socat1,
+ nginx1,
+ curl1
+