]> git.ipfire.org Git - thirdparty/systemd.git/blob - man/systemd-socket-proxyd.xml
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
man: wording and grammar updates
[thirdparty/systemd.git] / man / systemd-socket-proxyd.xml
1 <?xml version="1.0"?>
2 <!--*-nxml-*-->
3 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
4 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
5 <!--
6 This file is part of systemd.
7
8 Copyright 2013 David Strauss
9
10 systemd is free software; you can redistribute it and/or modify it
11 under the terms of the GNU Lesser General Public License as published by
12 the Free Software Foundation; either version 2.1 of the License, or
13 (at your option) any later version.
14
15 systemd is distributed in the hope that it will be useful, but
16 WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
19
20 You should have received a copy of the GNU Lesser General Public License
21 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 -->
23 <refentry id="systemd-socket-proxyd">
24 <refentryinfo>
25 <title>systemd-socket-proxyd</title>
26 <productname>systemd</productname>
27 <authorgroup>
28 <author>
29 <contrib>Developer</contrib>
30 <firstname>David</firstname>
31 <surname>Strauss</surname>
32 <email>david@davidstrauss.net</email>
33 </author>
34 </authorgroup>
35 </refentryinfo>
36 <refmeta>
37 <refentrytitle>systemd-socket-proxyd</refentrytitle>
38 <manvolnum>1</manvolnum>
39 </refmeta>
40 <refnamediv>
41 <refname>systemd-socket-proxyd</refname>
42 <refpurpose>Inherit a socket. Bidirectionally
43 proxy.</refpurpose>
44 </refnamediv>
45 <refsynopsisdiv>
46 <cmdsynopsis>
47 <command>systemd-socket-proxyd</command>
48 <arg choice="opt" rep="repeat">OPTIONS</arg>
49 <arg choice="plain"><replaceable>HOSTNAME-OR-IPADDR</replaceable></arg>
50 <arg choice="plain"><replaceable>PORT-OR-SERVICE</replaceable></arg>
51 </cmdsynopsis>
52 <cmdsynopsis>
53 <command>systemd-socket-proxyd</command>
54 <arg choice="opt" rep="repeat">OPTIONS</arg>
55 <arg choice="plain"><replaceable>UNIX-DOMAIN-SOCKET-PATH</replaceable>
56 </arg>
57 </cmdsynopsis>
58 </refsynopsisdiv>
59 <refsect1>
60 <title>Description</title>
61 <para>
62 <command>systemd-socket-proxyd</command> provides a proxy
63 to socket-activate services that do not yet support
64 native socket activation. On behalf of the daemon,
65 the proxy inherits the socket from systemd, accepts
66 each client connection, opens a connection to the server
67 for each client, and then bidirectionally forwards
68 data between the two.</para>
69 <para>This utility's behavior is similar to
70 <citerefentry><refentrytitle>socat</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
71 The main differences for <command>systemd-socket-proxyd</command>
72 are support for socket activation with
73 <literal>Accept=false</literal> and an event-driven
74 design that scales better with the number of
75 connections.</para>
76 </refsect1>
77 <refsect1>
78 <title>Options</title>
79 <para>The following options are understood:</para>
80 <variablelist>
81 <varlistentry>
82 <term><option>-h</option></term>
83 <term><option>--help</option></term>
84 <listitem>
85 <para>Prints a short help
86 text and exits.</para>
87 </listitem>
88 </varlistentry>
89 <varlistentry>
90 <term><option>--version</option></term>
91 <listitem>
92 <para>Prints a version
93 string and exits.</para>
94 </listitem>
95 </varlistentry>
96 <varlistentry>
97 <term><option>--ignore-env</option></term>
98 <listitem>
99 <para>Skips verification of
100 the expected PID and file
101 descriptor numbers. Use this if
102 invoked indirectly, for
103 example, with a shell script
104 rather than with
105 <option>ExecStart=/usr/lib/systemd/systemd-socket-proxyd</option>
106 </para>
107 </listitem>
108 </varlistentry>
109 </variablelist>
110 </refsect1>
111 <refsect1>
112 <title>Exit status</title>
113 <para>On success, 0 is returned, a non-zero failure
114 code otherwise.</para>
115 </refsect1>
116 <refsect1>
117 <title>Examples</title>
118 <refsect2>
119 <title>Direct-Use Example</title>
120 <para>Use two services with a dependency
121 and no namespace isolation.</para>
122 <example label="proxy socket unit">
123 <title>/etc/systemd/system/proxy-to-nginx.socket</title>
124 <programlisting>
125 <![CDATA[[Socket]
126 ListenStream=80
127
128 [Install]
129 WantedBy=sockets.target]]>
130 </programlisting>
131 </example>
132 <example label="proxy service unit">
133 <title>/etc/systemd/system/proxy-to-nginx.service</title>
134 <programlisting>
135 <![CDATA[[Unit]
136 After=nginx.service
137 Requires=nginx.service
138
139 [Service]
140 ExecStart=/usr/bin/systemd-socket-proxyd /tmp/nginx.sock
141 PrivateTmp=true
142 PrivateNetwork=true]]>
143 </programlisting>
144 </example>
145 <example label="nginx configuration">
146 <title>/etc/nginx/nginx.conf</title>
147 <programlisting>
148 <![CDATA[[...]
149 server {
150 listen unix:/tmp/nginx.sock;
151 [...]]]>
152 </programlisting>
153 </example>
154 <example label="commands">
155 <programlisting>
156 <![CDATA[$ sudo systemctl --system daemon-reload
157 $ sudo systemctl start proxy-to-nginx.socket
158 $ sudo systemctl enable proxy-to-nginx.socket
159 $ curl http://localhost:80/]]>
160 </programlisting>
161 </example>
162 </refsect2>
163 <refsect2>
164 <title>Indirect-Use Example</title>
165 <para>Use a shell script to isolate the
166 service and proxy into the same namespace.
167 This is particularly useful for running
168 TCP-only daemons without the daemon
169 affecting ports on regular
170 interfaces.</para>
171 <example label="combined proxy and nginx socket unit">
172
173 <title>
174 /etc/systemd/system/proxy-with-nginx.socket</title>
175 <programlisting>
176 <![CDATA[[Socket]
177 ListenStream=80
178
179 [Install]
180 WantedBy=sockets.target]]>
181 </programlisting>
182 </example>
183 <example label="combined proxy and nginx service unit">
184
185 <title>
186 /etc/systemd/system/proxy-with-nginx.service</title>
187 <programlisting>
188 <![CDATA[[Unit]
189 After=syslog.target remote-fs.target nss-lookup.target
190
191 [Service]
192 ExecStartPre=/usr/sbin/nginx -t
193 ExecStart=/usr/bin/socket-proxyd-nginx.sh
194 PrivateTmp=true
195 PrivateNetwork=true]]>
196 </programlisting>
197 </example>
198 <example label="shell script">
199 <title>
200 /usr/bin/socket-proxyd-nginx.sh</title>
201 <programlisting>
202 <![CDATA[#!/bin/sh
203 /usr/sbin/nginx
204 while [ ! -f /tmp/nginx.pid ]
205 do
206 /usr/bin/inotifywait /tmp/nginx.pid
207 done
208 /usr/bin/systemd-socket-proxyd --ignore-env localhost 8080]]>
209 </programlisting>
210 </example>
211 <example label="nginx configuration">
212 <title>
213 /etc/nginx/nginx.conf</title>
214 <programlisting>
215 <![CDATA[[...]
216 server {
217 listen 8080;
218 listen unix:/tmp/nginx.sock;
219 [...]]]>
220 </programlisting>
221 </example>
222 <example label="commands">
223 <programlisting>
224 <![CDATA[$ sudo systemctl --system daemon-reload
225 $ sudo systemctl start proxy-with-nginx.socket
226 $ sudo systemctl enable proxy-with-nginx.socket
227 $ curl http://localhost:80/]]>
228 </programlisting>
229 </example>
230 </refsect2>
231 </refsect1>
232 <refsect1>
233 <title>See Also</title>
234 <para>
235 <citerefentry>
236 <refentrytitle>
237 systemd.service</refentrytitle>
238 <manvolnum>5</manvolnum>
239 </citerefentry>,
240 <citerefentry>
241 <refentrytitle>
242 systemd.socket</refentrytitle>
243 <manvolnum>5</manvolnum>
244 </citerefentry>,
245 <citerefentry>
246 <refentrytitle>systemctl</refentrytitle>
247 <manvolnum>1</manvolnum>
248 </citerefentry>,
249 <citerefentry>
250 <refentrytitle>socat</refentrytitle>
251 <manvolnum>1</manvolnum>
252 </citerefentry></para>
253 </refsect1>
254 </refentry>
Unnamed repository; edit this file 'description' to name the repository.