X-Git-Url: https://git.tokkee.org/?p=sysdb.git;a=blobdiff_plain;f=doc%2Fsysdbd.conf.5.txt;fp=doc%2Fsysdbd.conf.5.txt;h=5aed24f7f9d3f1eb1c7240c6c1a9ece161ceeca1;hp=ff4c7102cf90935a5c896746c410897751db57ed;hb=faf43f85e96c8bf723c6554d9113eafd5afe5130;hpb=f57b23c4059c67c4c2c7ab1b06c02c000bcf7250
diff --git a/doc/sysdbd.conf.5.txt b/doc/sysdbd.conf.5.txt
index ff4c710..5aed24f 100644
--- a/doc/sysdbd.conf.5.txt
+++ b/doc/sysdbd.conf.5.txt
@@ -12,6 +12,10 @@ SYNOPSIS
Interval 300
Listen "unix:/var/run/sysdbd.sock"
+
+ SSLCertificate "/etc/sysdb/ssl/cert.pem"
+ SSLCertificateKey "/etc/sysdb/ssl/key.pem"
+
LoadPlugin "syslog"
@@ -38,12 +42,12 @@ any real (user-facing) functionality, the most important part of the
configuration is loading and configuring plugins.
The syntax of this configuration file is similar to that of the Apache
-webserver. It is made up of _options_ and _sections_. Each option contains a
+webserver. It is made up of _options_ and _blocks_. Each option contains a
_key_ and one or more _values_ separated by spaces and terminated by a newline
-character. Sections are enclosed in a start- and end-tag, each on a line of
+character. Blocks are enclosed in a start- and end-tag, each on a line of
their own. These tags are enclosed in angle brackets and also contain a key
-and value. Section end-tags only contain the key of the start-tag prepended by
-a forward-slash ("/"). Empty lines are ignored as well as any unquoted hash
+and value. A block's end-tag only contain the key of the start-tag prepended
+by a forward-slash ("/"). Empty lines are ignored as well as any unquoted hash
symbol ("#") including anything following up to the following newline. Keys
are unquoted strings consisting only of alphanumeric characters and the
underscore character ("_"). Values may either be unquoted strings, quoted
@@ -70,13 +74,28 @@ GLOBAL SETTINGS
*Listen* ''::
Sets the address on which sysdbd is to listen for client connections. It
- supports UNIX domain sockets. The path name needs to be prefixed by
- 'unix:'.
+ supports UNIX domain sockets and TCP sockets using TLS encryption. UNIX
+ socket addresses are specified by the path name of the socket, optionally
+ prefixed with 'unix:'. TCP listen addresses may be specified as
+ ':', optionally prefixed with 'tcp:'. The host may be a
+ hostname, an IPv4 address or and IPv6 address. It may be empty or
+ '0.0.0.0' / '::' to listen on all local addresses. *Listen* may optionally
+ be a block containing any of the following options:
+
+ *SSLCertificate* '';;
+ Specify the SSL server certificate file to use for SSL connections.
+
+ *SSLCertificateKey* '';;
+ Specify the SSL server private key file to use for SSL connections.
+
+ *SSLCACertificates* '';;
+ Specify the file containing CA certificates for client verification
+ purposes to use for SSL connnections.
*LoadBackend* ''::
Loads the backend named ''. Backends are special plugins taking care
- of collecting values from external systems. This may optionally be a
- section containing any of the following options:
+ of collecting values from external systems. This may optionally be a block
+ containing any of the following options:
*Interval* '';;
Overwrite the global interval setting by setting a custom interval to