* [PATCH 0/4] doc updates and simplifications
@ 2022-08-11 20:13 Eric Wong
2022-08-11 20:13 ` [PATCH 1/4] doc: drop ancient Apache and WEBrick examples Eric Wong
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: Eric Wong @ 2022-08-11 20:13 UTC (permalink / raw)
To: meta
I should've done -netd in 2016 when I did -httpd :x
Eric Wong (4):
doc: drop ancient Apache and WEBrick examples
examples: consolidate systemd socket examples
examples: add systemd files for -netd
doc: spell out "PROTOCOL" in examples
Documentation/lei-blob.pod | 2 +-
Documentation/lei-convert.pod | 2 +-
Documentation/lei-import.pod | 2 +-
Documentation/lei-lcat.pod | 2 +-
Documentation/lei-q.pod | 2 +-
Documentation/lei-rediff.pod | 2 +-
Documentation/public-inbox-daemon.pod | 4 +-
Documentation/public-inbox-imapd.pod | 6 +--
Documentation/public-inbox-netd.pod | 4 +-
Documentation/public-inbox-nntpd.pod | 4 +-
Documentation/public-inbox-pop3d.pod | 6 +--
MANIFEST | 9 +---
examples/README | 4 --
examples/apache2_cgi.conf | 34 --------------
examples/apache2_perl.conf | 25 -----------
examples/apache2_perl_old.conf | 38 ----------------
examples/cgi-webrick.rb | 25 -----------
examples/public-inbox-httpd.socket | 3 ++
examples/public-inbox-httpd@.service | 3 ++
examples/public-inbox-imap-onion.socket | 12 -----
examples/public-inbox-imapd.socket | 17 ++++++-
examples/public-inbox-imapd@.service | 12 ++---
examples/public-inbox-imaps.socket | 12 -----
examples/public-inbox-netd.socket | 45 +++++++++++++++++++
examples/public-inbox-netd@.service | 60 +++++++++++++++++++++++++
examples/public-inbox-nntpd.socket | 21 ++++++++-
examples/public-inbox-nntpd@.service | 9 ++--
examples/public-inbox-nntps.socket | 12 -----
28 files changed, 178 insertions(+), 199 deletions(-)
delete mode 100644 examples/apache2_cgi.conf
delete mode 100644 examples/apache2_perl.conf
delete mode 100644 examples/apache2_perl_old.conf
delete mode 100644 examples/cgi-webrick.rb
delete mode 100644 examples/public-inbox-imap-onion.socket
delete mode 100644 examples/public-inbox-imaps.socket
create mode 100644 examples/public-inbox-netd.socket
create mode 100644 examples/public-inbox-netd@.service
delete mode 100644 examples/public-inbox-nntps.socket
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH 1/4] doc: drop ancient Apache and WEBrick examples
2022-08-11 20:13 [PATCH 0/4] doc updates and simplifications Eric Wong
@ 2022-08-11 20:13 ` Eric Wong
2022-08-11 20:13 ` [PATCH 2/4] examples: consolidate systemd socket examples Eric Wong
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Eric Wong @ 2022-08-11 20:13 UTC (permalink / raw)
To: meta
Having old, unmaintained docs for other HTTP servers is likely
harmful at this point. public-inbox-httpd is specifically
designed to handle git repos on slow storage and stream giant
mbox.gz files fairly to slow clients.
---
MANIFEST | 4 ----
examples/README | 4 ----
examples/apache2_cgi.conf | 34 ------------------------------
examples/apache2_perl.conf | 25 ----------------------
examples/apache2_perl_old.conf | 38 ----------------------------------
examples/cgi-webrick.rb | 25 ----------------------
6 files changed, 130 deletions(-)
delete mode 100644 examples/apache2_cgi.conf
delete mode 100644 examples/apache2_perl.conf
delete mode 100644 examples/apache2_perl_old.conf
delete mode 100644 examples/cgi-webrick.rb
diff --git a/MANIFEST b/MANIFEST
index d37ba0ab..196b9627 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -122,10 +122,6 @@ devel/README
devel/syscall-list
examples/README
examples/README.unsubscribe
-examples/apache2_cgi.conf
-examples/apache2_perl.conf
-examples/apache2_perl_old.conf
-examples/cgi-webrick.rb
examples/cgit-commit-filter.lua
examples/cgit-wwwhighlight-filter.lua
examples/cgit.psgi
diff --git a/examples/README b/examples/README
index 1d5dcd34..5674d7ed 100644
--- a/examples/README
+++ b/examples/README
@@ -9,10 +9,6 @@ For PSGI/Plack (HTTP) servers
-----------------------------
public-inbox.psgi - starting point for PSGI/Plack users in production and dev
-For Apache2 users
------------------
-apache2_perl.conf - intended to be the basis of a production config
-
Contact
-------
Please send any related feedback to public-inbox: meta@public-inbox.org
diff --git a/examples/apache2_cgi.conf b/examples/apache2_cgi.conf
deleted file mode 100644
index 5ec64d72..00000000
--- a/examples/apache2_cgi.conf
+++ /dev/null
@@ -1,34 +0,0 @@
-# Example Apache2 configuration using CGI mod_cgi
-# If possible, use mod_perl (see apache2_perl.conf) or
-# a standalone PSGI/Plack # server instead of this.
-# Adjust paths to your installation.
-
-ServerName "public-inbox"
-ServerRoot "/var/www/cgi-bin"
-DocumentRoot "/var/www/cgi-bin"
-ErrorLog "/tmp/public-inbox-error.log"
-PidFile "/tmp/public-inbox.pid"
-Listen 127.0.0.1:8080
-LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so
-LoadModule env_module /usr/lib/apache2/modules/mod_env.so
-LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so
-LoadModule dir_module /usr/lib/apache2/modules/mod_dir.so
-LoadModule mime_module /usr/lib/apache2/modules/mod_mime.so
-TypesConfig "/dev/null"
-
-<Directory /var/www/cgi-bin>
- Options +ExecCGI
- AddHandler cgi-script .cgi
-
- # we use this hack to ensure "public-inbox.cgi" doesn't show up
- # in any of our redirects:
- SetEnv NO_SCRIPT_NAME 1
-
- # our public-inbox.cgi requires PATH_INFO-based URLs with minimal
- # use of query parameters
- DirectoryIndex public-inbox.cgi
- RewriteEngine On
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteRule ^.* /public-inbox.cgi/$0 [L,PT]
-</Directory>
diff --git a/examples/apache2_perl.conf b/examples/apache2_perl.conf
deleted file mode 100644
index a4721b5b..00000000
--- a/examples/apache2_perl.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-# Example Apache2 configuration using Plack::Handler::Apache2
-# Adjust paths to your installation
-
-ServerName "public-inbox"
-ServerRoot "/var/www"
-DocumentRoot "/var/www"
-ErrorLog "/tmp/public-inbox-error.log"
-PidFile "/tmp/public-inbox.pid"
-Listen 127.0.0.1:8080
-LoadModule perl_module /usr/lib/apache2/modules/mod_perl.so
-
-# no need to set no rely on HOME if using this:
-PerlSetEnv PI_CONFIG /home/pi/.public-inbox/config
-
-<Location />
- SetHandler perl-script
- PerlResponseHandler Plack::Handler::Apache2
- PerlSetVar psgi_app /path/to/public-inbox.psgi
-</Location>
-
-# Optional, preload the application in the parent like startup.pl
-<Perl>
- use Plack::Handler::Apache2;
- Plack::Handler::Apache2->preload("/path/to/public-inbox.psgi");
-</Perl>
diff --git a/examples/apache2_perl_old.conf b/examples/apache2_perl_old.conf
deleted file mode 100644
index a6de2304..00000000
--- a/examples/apache2_perl_old.conf
+++ /dev/null
@@ -1,38 +0,0 @@
-# Example legacy Apache2 configuration using CGI + mod_perl2
-# Consider using Plack::Handler::Apache2 instead (see apache2_perl.conf)
-# Adjust paths to your installation
-
-ServerName "public-inbox"
-ServerRoot "/var/www/cgi-bin"
-DocumentRoot "/var/www/cgi-bin"
-ErrorLog "/tmp/public-inbox-error.log"
-PidFile "/tmp/public-inbox.pid"
-Listen 127.0.0.1:8080
-LoadModule perl_module /usr/lib/apache2/modules/mod_perl.so
-LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so
-LoadModule dir_module /usr/lib/apache2/modules/mod_dir.so
-LoadModule mime_module /usr/lib/apache2/modules/mod_mime.so
-TypesConfig "/dev/null"
-
-# PerlPassEnv PATH # this is implicit
-<Directory /var/www/cgi-bin>
- Options +ExecCGI
- AddHandler perl-script .cgi
- PerlResponseHandler ModPerl::Registry
- PerlOptions +ParseHeaders
-
- # we use this hack to ensure "public-inbox.cgi" doesn't show up
- # in any of our redirects:
- PerlSetEnv NO_SCRIPT_NAME 1
-
- # no need to set no rely on HOME if using this:
- PerlSetEnv PI_CONFIG /home/pi/.public-inbox/config
-
- # our public-inbox.cgi requires PATH_INFO-based URLs with minimal
- # use of query parameters
- DirectoryIndex public-inbox.cgi
- RewriteEngine On
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteRule ^.* /public-inbox.cgi/$0 [L,PT]
-</Directory>
diff --git a/examples/cgi-webrick.rb b/examples/cgi-webrick.rb
deleted file mode 100644
index 5554a012..00000000
--- a/examples/cgi-webrick.rb
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/usr/bin/env ruby
-# Sample configuration using WEBrick, mainly intended dev/testing
-# for folks familiar with Ruby and not various Perl webserver
-# deployment options. For those familiar with Perl web servers,
-# plackup(1) is recommended for development and public-inbox-httpd(1)
-# is our production deployment server.
-require 'webrick'
-require 'logger'
-options = {
- :BindAddress => '127.0.0.1',
- :Port => 8080,
- :Logger => Logger.new($stderr),
- :CGIPathEnv => ENV['PATH'], # need to run 'git' commands
- :AccessLog => [
- [ Logger.new($stdout), WEBrick::AccessLog::COMBINED_LOG_FORMAT ]
- ],
-}
-server = WEBrick::HTTPServer.new(options)
-server.mount("/",
- WEBrick::HTTPServlet::CGIHandler,
- "/var/www/cgi-bin/public-inbox.cgi")
-['INT', 'TERM'].each do |signal|
- trap(signal) {exit!(0)}
-end
-server.start
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 2/4] examples: consolidate systemd socket examples
2022-08-11 20:13 [PATCH 0/4] doc updates and simplifications Eric Wong
2022-08-11 20:13 ` [PATCH 1/4] doc: drop ancient Apache and WEBrick examples Eric Wong
@ 2022-08-11 20:13 ` Eric Wong
2022-08-11 20:13 ` [PATCH 3/4] examples: add systemd files for -netd Eric Wong
2022-08-11 20:13 ` [PATCH 4/4] doc: spell out "PROTOCOL" in examples Eric Wong
3 siblings, 0 replies; 5+ messages in thread
From: Eric Wong @ 2022-08-11 20:13 UTC (permalink / raw)
To: meta
systemd.socket(5) files can actually contain multiple listen
sockets, so shave down inode overhead and simplify config
file management by consolidating all applicable ports into
a single file for each daemon.
---
MANIFEST | 3 ---
examples/public-inbox-imap-onion.socket | 12 ------------
examples/public-inbox-imapd.socket | 14 +++++++++++++-
examples/public-inbox-imapd@.service | 9 +++------
examples/public-inbox-imaps.socket | 12 ------------
examples/public-inbox-nntpd.socket | 18 ++++++++++++++++--
examples/public-inbox-nntpd@.service | 6 +++---
examples/public-inbox-nntps.socket | 12 ------------
8 files changed, 35 insertions(+), 51 deletions(-)
delete mode 100644 examples/public-inbox-imap-onion.socket
delete mode 100644 examples/public-inbox-imaps.socket
delete mode 100644 examples/public-inbox-nntps.socket
diff --git a/MANIFEST b/MANIFEST
index 196b9627..9900b776 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -134,13 +134,10 @@ examples/nginx_proxy
examples/public-inbox-config
examples/public-inbox-httpd.socket
examples/public-inbox-httpd@.service
-examples/public-inbox-imap-onion.socket
examples/public-inbox-imapd.socket
examples/public-inbox-imapd@.service
-examples/public-inbox-imaps.socket
examples/public-inbox-nntpd.socket
examples/public-inbox-nntpd@.service
-examples/public-inbox-nntps.socket
examples/public-inbox-watch.service
examples/public-inbox.psgi
examples/unsubscribe-milter.socket
diff --git a/examples/public-inbox-imap-onion.socket b/examples/public-inbox-imap-onion.socket
deleted file mode 100644
index 76b4e7ca..00000000
--- a/examples/public-inbox-imap-onion.socket
+++ /dev/null
@@ -1,12 +0,0 @@
-# ==> /etc/systemd/system/public-inbox-imap-onion.socket <==
-# This unit is for the corresponding line in torrc(5):
-# HiddenServicePort 143 unix:/run/imapd.onion.sock
-[Unit]
-Description = public-inbox-imap .onion socket
-
-[Socket]
-ListenStream = /run/imapd.onion.sock
-Service = public-inbox-imapd@1.service
-
-[Install]
-WantedBy = sockets.target
diff --git a/examples/public-inbox-imapd.socket b/examples/public-inbox-imapd.socket
index fcd924fd..c3c55ea1 100644
--- a/examples/public-inbox-imapd.socket
+++ b/examples/public-inbox-imapd.socket
@@ -1,11 +1,23 @@
# ==> /etc/systemd/system/public-inbox-imapd.socket <==
+# This contains 5 sockets for an public-inbox-imapd instance.
+# The TCP ports are well-known ports registered in /etc/services.
+# The /run/imapd.onion.sock entry is meant for the Tor hidden service
+# enabled by the following line in the torrc(5) file:
+# HiddenServicePort 143 unix:/run/imapd.onion.sock
[Unit]
-Description = public-inbox-imapd socket
+Description = public-inbox-imapd sockets
[Socket]
ListenStream = 0.0.0.0:143
+ListenStream = 0.0.0.0:993
+ListenStream = /run/imapd.onion.sock
+
+# Separating IPv4 from IPv6 listeners makes for nicer output
+# of IPv4 addresses in various reporting/monitoring tools
BindIPv6Only = ipv6-only
ListenStream = [::]:143
+ListenStream = [::]:993
+
Service = public-inbox-imapd@1.service
[Install]
diff --git a/examples/public-inbox-imapd@.service b/examples/public-inbox-imapd@.service
index e0446ed3..f7428d85 100644
--- a/examples/public-inbox-imapd@.service
+++ b/examples/public-inbox-imapd@.service
@@ -7,10 +7,8 @@
[Unit]
Description = public-inbox-imapd IMAP server %i
-Wants = public-inbox-imapd.socket public-inbox-imaps.socket \
-public-inbox-imap-onion.socket
-After = public-inbox-imapd.socket public-inbox-imaps.socket \
-public-inbox-imap-onion.socket
+Wants = public-inbox-imapd.socket
+After = public-inbox-imapd.socket
[Service]
Environment = PI_CONFIG=/home/pi/.public-inbox/config \
@@ -29,8 +27,7 @@ StandardError = syslog
# simultaneous services
NonBlocking = true
-Sockets = public-inbox-imapd.socket public-inbox-imaps.socket \
-public-inbox-imap-onion.socket
+Sockets = public-inbox-imapd.socket
KillSignal = SIGQUIT
User = nobody
diff --git a/examples/public-inbox-imaps.socket b/examples/public-inbox-imaps.socket
deleted file mode 100644
index b61cc742..00000000
--- a/examples/public-inbox-imaps.socket
+++ /dev/null
@@ -1,12 +0,0 @@
-# ==> /etc/systemd/system/public-inbox-imaps.socket <==
-[Unit]
-Description = public-inbox-imaps socket
-
-[Socket]
-ListenStream = 0.0.0.0:993
-BindIPv6Only = ipv6-only
-ListenStream = [::]:993
-Service = public-inbox-imapd@1.service
-
-[Install]
-WantedBy = sockets.target
diff --git a/examples/public-inbox-nntpd.socket b/examples/public-inbox-nntpd.socket
index eeddf343..0a3ccb2f 100644
--- a/examples/public-inbox-nntpd.socket
+++ b/examples/public-inbox-nntpd.socket
@@ -1,9 +1,23 @@
# ==> /etc/systemd/system/public-inbox-nntpd.socket <==
+# This contains 5 sockets for an public-inbox-nntpd instance.
+# The TCP ports are well-known ports registered in /etc/services.
+# The /run/nntpd.onion.sock entry is meant for the Tor hidden service
+# enabled by the following line in the torrc(5) file:
+# HiddenServicePort 119 unix:/run/nntpd.onion.sock
[Unit]
-Description = public-inbox-nntpd socket
+Description = public-inbox-nntpd sockets
[Socket]
-ListenStream = 119
+ListenStream = 0.0.0.0:119
+ListenStream = 0.0.0.0:563
+ListenStream = /run/nntpd.onion.sock
+
+# Separating IPv4 from IPv6 listeners makes for nicer output
+# of IPv4 addresses in various reporting/monitoring tools
+BindIPv6Only = ipv6-only
+ListenStream = [::]:119
+ListenStream = [::]:563
+
Service = public-inbox-nntpd@1.service
[Install]
diff --git a/examples/public-inbox-nntpd@.service b/examples/public-inbox-nntpd@.service
index 4dd2f5d7..d6aea067 100644
--- a/examples/public-inbox-nntpd@.service
+++ b/examples/public-inbox-nntpd@.service
@@ -7,8 +7,8 @@
[Unit]
Description = public-inbox NNTP server %i
-Wants = public-inbox-nntpd.socket public-inbox-nntps.socket
-After = public-inbox-nntpd.socket public-inbox-nntps.socket
+Wants = public-inbox-nntpd.socket
+After = public-inbox-nntpd.socket
[Service]
Environment = PI_CONFIG=/home/pi/.public-inbox/config \
@@ -27,7 +27,7 @@ StandardError = syslog
# simultaneous services
NonBlocking = true
-Sockets = public-inbox-nntpd.socket public-inbox-nntps.socket
+Sockets = public-inbox-nntpd.socket
KillSignal = SIGQUIT
User = nobody
diff --git a/examples/public-inbox-nntps.socket b/examples/public-inbox-nntps.socket
deleted file mode 100644
index fa678196..00000000
--- a/examples/public-inbox-nntps.socket
+++ /dev/null
@@ -1,12 +0,0 @@
-# ==> /etc/systemd/system/public-inbox-nntps.socket <==
-[Unit]
-Description = public-inbox-nntps socket
-
-[Socket]
-ListenStream = 0.0.0.0:563
-BindIPv6Only = ipv6-only
-ListenStream = [::]:563
-Service = public-inbox-nntpd@1.service
-
-[Install]
-WantedBy = sockets.target
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 3/4] examples: add systemd files for -netd
2022-08-11 20:13 [PATCH 0/4] doc updates and simplifications Eric Wong
2022-08-11 20:13 ` [PATCH 1/4] doc: drop ancient Apache and WEBrick examples Eric Wong
2022-08-11 20:13 ` [PATCH 2/4] examples: consolidate systemd socket examples Eric Wong
@ 2022-08-11 20:13 ` Eric Wong
2022-08-11 20:13 ` [PATCH 4/4] doc: spell out "PROTOCOL" in examples Eric Wong
3 siblings, 0 replies; 5+ messages in thread
From: Eric Wong @ 2022-08-11 20:13 UTC (permalink / raw)
To: meta
It's important show that a single systemd service and socket file
can replace all other read-only daemons for ease-of-management.
---
MANIFEST | 2 +
examples/public-inbox-httpd.socket | 3 ++
examples/public-inbox-httpd@.service | 3 ++
examples/public-inbox-imapd.socket | 3 ++
examples/public-inbox-imapd@.service | 3 ++
examples/public-inbox-netd.socket | 45 +++++++++++++++++++++
examples/public-inbox-netd@.service | 60 ++++++++++++++++++++++++++++
examples/public-inbox-nntpd.socket | 3 ++
examples/public-inbox-nntpd@.service | 3 ++
9 files changed, 125 insertions(+)
create mode 100644 examples/public-inbox-netd.socket
create mode 100644 examples/public-inbox-netd@.service
diff --git a/MANIFEST b/MANIFEST
index 9900b776..cc0a9a4c 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -136,6 +136,8 @@ examples/public-inbox-httpd.socket
examples/public-inbox-httpd@.service
examples/public-inbox-imapd.socket
examples/public-inbox-imapd@.service
+examples/public-inbox-netd.socket
+examples/public-inbox-netd@.service
examples/public-inbox-nntpd.socket
examples/public-inbox-nntpd@.service
examples/public-inbox-watch.service
diff --git a/examples/public-inbox-httpd.socket b/examples/public-inbox-httpd.socket
index 1a1ed735..3a6e4432 100644
--- a/examples/public-inbox-httpd.socket
+++ b/examples/public-inbox-httpd.socket
@@ -1,4 +1,7 @@
# ==> /etc/systemd/system/public-inbox-httpd.socket <==
+# Consider looking at public-inbox-netd.socket instead of this file
+# to simplify management when serving multiple protocols.
+
[Unit]
Description = public-inbox-httpd socket
diff --git a/examples/public-inbox-httpd@.service b/examples/public-inbox-httpd@.service
index 147f7c6d..73731533 100644
--- a/examples/public-inbox-httpd@.service
+++ b/examples/public-inbox-httpd@.service
@@ -1,4 +1,7 @@
# ==> /etc/systemd/system/public-inbox-httpd@.service <==
+# Consider looking at public-inbox-netd@.service instead of this file
+# to simplify management when serving multiple protocols.
+#
# Since SIGUSR2 upgrades do not work under systemd, this service file
# allows starting two simultaneous services during upgrade time
# (e.g. public-inbox-httpd@1 public-inbox-httpd@2) with the intention
diff --git a/examples/public-inbox-imapd.socket b/examples/public-inbox-imapd.socket
index c3c55ea1..22ce16fb 100644
--- a/examples/public-inbox-imapd.socket
+++ b/examples/public-inbox-imapd.socket
@@ -1,4 +1,7 @@
# ==> /etc/systemd/system/public-inbox-imapd.socket <==
+# Consider looking at public-inbox-netd.socket instead of this file
+# to simplify management when serving multiple protocols.
+#
# This contains 5 sockets for an public-inbox-imapd instance.
# The TCP ports are well-known ports registered in /etc/services.
# The /run/imapd.onion.sock entry is meant for the Tor hidden service
diff --git a/examples/public-inbox-imapd@.service b/examples/public-inbox-imapd@.service
index f7428d85..300019a8 100644
--- a/examples/public-inbox-imapd@.service
+++ b/examples/public-inbox-imapd@.service
@@ -1,4 +1,7 @@
# ==> /etc/systemd/system/public-inbox-imapd@.service <==
+# Consider looking at public-inbox-netd@.service instead of this file
+# to simplify management when serving multiple protocols.
+#
# Since SIGUSR2 upgrades do not work under systemd, this service file
# allows starting two simultaneous services during upgrade time
# (e.g. public-inbox-imapd@1 public-inbox-imapd@2) with the intention
diff --git a/examples/public-inbox-netd.socket b/examples/public-inbox-netd.socket
new file mode 100644
index 00000000..9a19602e
--- /dev/null
+++ b/examples/public-inbox-netd.socket
@@ -0,0 +1,45 @@
+# ==> /etc/systemd/system/public-inbox-netd.socket <==
+# This contains all the services that public-inbox-netd can run;
+# allowing it to replace (or run in parallel to) any existing -httpd,
+# -imapd, -nntpd, or -pop3d instances.
+#
+# The TCP ports are well-known ports registered in /etc/services.
+# The /run/*.sock entries are meant for the Tor hidden service
+# enabled by the following lines in the torrc(5) file:
+# HiddenServicePort 110 unix:/run/pop3.sock
+# HiddenServicePort 119 unix:/run/nntp.sock
+# HiddenServicePort 143 unix:/run/imap.sock
+[Unit]
+Description = public-inbox-netd sockets
+
+[Socket]
+# for tor (see torrc(5))
+ListenStream = /run/imap.sock
+ListenStream = /run/pop3.sock
+ListenStream = /run/nntp.sock
+
+# this is for varnish:
+ListenStream = 127.0.0.1:280
+
+# public facing
+ListenStream = 0.0.0.0:110
+ListenStream = 0.0.0.0:119
+ListenStream = 0.0.0.0:143
+ListenStream = 0.0.0.0:563
+ListenStream = 0.0.0.0:993
+ListenStream = 0.0.0.0:995
+
+# Separating IPv4 from IPv6 listeners makes for nicer output
+# of IPv4 addresses in various reporting/monitoring tools
+BindIPv6Only = ipv6-only
+ListenStream = [::]:110
+ListenStream = [::]:119
+ListenStream = [::]:143
+ListenStream = [::]:563
+ListenStream = [::]:993
+ListenStream = [::]:995
+
+Service = public-inbox-netd@1.service
+
+[Install]
+WantedBy = sockets.target
diff --git a/examples/public-inbox-netd@.service b/examples/public-inbox-netd@.service
new file mode 100644
index 00000000..de5feea6
--- /dev/null
+++ b/examples/public-inbox-netd@.service
@@ -0,0 +1,60 @@
+# ==> /etc/systemd/system/public-inbox-netd@.service <==
+# Since SIGUSR2 upgrades do not work under systemd, this service file
+# allows starting two simultaneous services during upgrade time
+# (e.g. public-inbox-netd@1 public-inbox-netd@2) with the intention
+# that they take turns running in-between upgrades. This should
+# allow upgrading without downtime.
+# For servers expecting visitors from multiple timezones, TZ=UTC
+# is needed to ensure a consistent approxidate experience with search.
+[Unit]
+Description = public-inbox-netd server %i
+Wants = public-inbox-netd.socket
+After = public-inbox-netd.socket
+
+[Service]
+Environment = PI_CONFIG=/home/pi/.public-inbox/config \
+PATH=/usr/local/bin:/usr/bin:/bin \
+TZ=UTC \
+PERL_INLINE_DIRECTORY=/tmp/.netd-inline
+
+LimitNOFILE = 30000
+LimitCORE = infinity
+ExecStartPre = /bin/mkdir -p -m 1777 /tmp/.netd-inline
+
+# The '-l' args below map each socket in public-inbox-netd.socket to
+# the appropriate IANA service name:
+ExecStart = /usr/local/bin/public-inbox-netd -W0 \
+-1 /var/log/netd/stdout.out.log \
+--cert /etc/ssl/certs/news.example.com.pem \
+--key /etc/ssl/private/news.example.com.key
+-l imap:///run/imap.sock?out=/var/log/netd/imap.out,err=/var/log/netd/imap.err \
+-l nntp:///run/nntp.sock?out=/var/log/netd/nntp.out,err=/var/log/netd/nntp.err \
+-l pop3:///run/pop3.sock?out=/var/log/netd/pop3.out,err=/var/log/netd/pop3.err \
+-l imap://0.0.0.0/?out=/var/log/netd/imap.out,err=/var/log/netd/imap.err \
+-l nntp://0.0.0.0/?out=/var/log/netd/nntp.out,err=/var/log/netd/nntp.err \
+-l pop3://0.0.0.0/?out=/var/log/netd/pop3.out,err=/var/log/netd/pop3.err \
+-l imap://[::]/?out=/var/log/netd/imap.out,err=/var/log/netd/imap.err \
+-l nntp://[::]/?out=/var/log/netd/nntp.out,err=/var/log/netd/nntp.err \
+-l pop3://[::]/?out=/var/log/netd/pop3.out,err=/var/log/netd/pop3.err \
+-l imaps://0.0.0.0/?out=/var/log/netd/imap.out,err=/var/log/netd/imap.err \
+-l nntps://0.0.0.0/?out=/var/log/netd/nntp.out,err=/var/log/netd/nntp.err \
+-l pop3s://0.0.0.0/?out=/var/log/netd/pop3.out,err=/var/log/netd/pop3.err \
+-l imaps://[::]/?out=/var/log/netd/imap.out,err=/var/log/netd/imap.err \
+-l nntps://[::]/?out=/var/log/netd/nntp.out,err=/var/log/netd/nntp.err \
+-l pop3s://[::]/?out=/var/log/netd/pop3.out,err=/var/log/netd/pop3.err \
+-l http://127.0.0.1:280/?psgi=/etc/public.psgi,err=/var/log/netd/http.err
+
+# NonBlocking is REQUIRED to avoid a race condition if running
+# simultaneous services
+NonBlocking = true
+
+Sockets = public-inbox-netd.socket
+KillSignal = SIGQUIT
+User = news
+Group = ssl-cert
+ExecReload = /bin/kill -HUP $MAINPID
+TimeoutStopSec = 30
+KillMode = process
+
+[Install]
+WantedBy = multi-user.target
diff --git a/examples/public-inbox-nntpd.socket b/examples/public-inbox-nntpd.socket
index 0a3ccb2f..10335d8d 100644
--- a/examples/public-inbox-nntpd.socket
+++ b/examples/public-inbox-nntpd.socket
@@ -1,4 +1,7 @@
# ==> /etc/systemd/system/public-inbox-nntpd.socket <==
+# Consider looking at public-inbox-netd.socket instead of this file
+# to simplify management when serving multiple protocols.
+#
# This contains 5 sockets for an public-inbox-nntpd instance.
# The TCP ports are well-known ports registered in /etc/services.
# The /run/nntpd.onion.sock entry is meant for the Tor hidden service
diff --git a/examples/public-inbox-nntpd@.service b/examples/public-inbox-nntpd@.service
index d6aea067..56e1cc8f 100644
--- a/examples/public-inbox-nntpd@.service
+++ b/examples/public-inbox-nntpd@.service
@@ -1,4 +1,7 @@
# ==> /etc/systemd/system/public-inbox-nntpd@.service <==
+# Consider looking at public-inbox-netd@.service instead of this file
+# to simplify management when serving multiple protocols.
+#
# Since SIGUSR2 upgrades do not work under systemd, this service file
# allows starting two simultaneous services during upgrade time
# (e.g. public-inbox-nntpd@1 public-inbox-nntpd@2) with the intention
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 4/4] doc: spell out "PROTOCOL" in examples
2022-08-11 20:13 [PATCH 0/4] doc updates and simplifications Eric Wong
` (2 preceding siblings ...)
2022-08-11 20:13 ` [PATCH 3/4] examples: add systemd files for -netd Eric Wong
@ 2022-08-11 20:13 ` Eric Wong
3 siblings, 0 replies; 5+ messages in thread
From: Eric Wong @ 2022-08-11 20:13 UTC (permalink / raw)
To: meta
"PROTO" is probably ambiguous, and we'll use the same
terminology as used in curl(1) documentation.
---
Documentation/lei-blob.pod | 2 +-
Documentation/lei-convert.pod | 2 +-
Documentation/lei-import.pod | 2 +-
Documentation/lei-lcat.pod | 2 +-
Documentation/lei-q.pod | 2 +-
Documentation/lei-rediff.pod | 2 +-
Documentation/public-inbox-daemon.pod | 4 ++--
Documentation/public-inbox-imapd.pod | 6 +++---
Documentation/public-inbox-netd.pod | 4 ++--
Documentation/public-inbox-nntpd.pod | 4 ++--
Documentation/public-inbox-pop3d.pod | 6 +++---
11 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/Documentation/lei-blob.pod b/Documentation/lei-blob.pod
index e401bb47..558fc54c 100644
--- a/Documentation/lei-blob.pod
+++ b/Documentation/lei-blob.pod
@@ -86,7 +86,7 @@ reconstructed from patch emails.
=item --no-torsocks
-=item --proxy=PROTO://HOST[:PORT]
+=item --proxy=PROTOCOL://HOST[:PORT]
=back
diff --git a/Documentation/lei-convert.pod b/Documentation/lei-convert.pod
index c113db18..b3e29824 100644
--- a/Documentation/lei-convert.pod
+++ b/Documentation/lei-convert.pod
@@ -48,7 +48,7 @@ L<lei-q(1)>.
=item --no-torsocks
-=item --proxy=PROTO://HOST[:PORT]
+=item --proxy=PROTOCOL://HOST[:PORT]
=back
diff --git a/Documentation/lei-import.pod b/Documentation/lei-import.pod
index ad769084..4ac7dccd 100644
--- a/Documentation/lei-import.pod
+++ b/Documentation/lei-import.pod
@@ -81,7 +81,7 @@ Whether to wrap L<git(1)> and L<curl(1)> commands with L<torsocks(1)>.
Default: C<auto>
-=item --proxy=PROTO://HOST[:PORT]
+=item --proxy=PROTOCOL://HOST[:PORT]
Use the specified proxy (e.g., C<socks5h://0:9050>).
diff --git a/Documentation/lei-lcat.pod b/Documentation/lei-lcat.pod
index e85e5e67..e8073862 100644
--- a/Documentation/lei-lcat.pod
+++ b/Documentation/lei-lcat.pod
@@ -52,7 +52,7 @@ which lets you pipe arbitrary lines to arbitrary commands).
=item --torsocks=auto|no|yes, --no-torsocks
-=item --proxy=PROTO://HOST[:PORT]
+=item --proxy=PROTOCOL://HOST[:PORT]
=item -o MFOLDER, --output=MFOLDER
diff --git a/Documentation/lei-q.pod b/Documentation/lei-q.pod
index 1cbffba4..2f0c3bc6 100644
--- a/Documentation/lei-q.pod
+++ b/Documentation/lei-q.pod
@@ -241,7 +241,7 @@ Whether to wrap L<git(1)> and L<curl(1)> commands with L<torsocks(1)>.
Default: C<auto>
-=item --proxy=PROTO://HOST[:PORT]
+=item --proxy=PROTOCOL://HOST[:PORT]
=back
diff --git a/Documentation/lei-rediff.pod b/Documentation/lei-rediff.pod
index 4d5e8168..f18548d3 100644
--- a/Documentation/lei-rediff.pod
+++ b/Documentation/lei-rediff.pod
@@ -104,7 +104,7 @@ The options below, described in L<lei-q(1)>, are also supported.
=item --torsocks=auto|no|yes, --no-torsocks
-=item --proxy=PROTO://HOST[:PORT]
+=item --proxy=PROTOCOL://HOST[:PORT]
=back
diff --git a/Documentation/public-inbox-daemon.pod b/Documentation/public-inbox-daemon.pod
index 5d26ce56..81a79a10 100644
--- a/Documentation/public-inbox-daemon.pod
+++ b/Documentation/public-inbox-daemon.pod
@@ -31,9 +31,9 @@ processes to take advantage of multiple CPUs.
=over
-=item -l [PROTO://]ADDRESS[?opt1=val1,opt2=val2]
+=item -l [PROTOCOL://]ADDRESS[?opt1=val1,opt2=val2]
-=item --listen [PROTO://]ADDRESS[?opt1=val1,opt2=val2]
+=item --listen [PROTOCOL://]ADDRESS[?opt1=val1,opt2=val2]
This takes an absolute path to a Unix socket or HOST:PORT
to listen on. For example, to listen to TCP connections on
diff --git a/Documentation/public-inbox-imapd.pod b/Documentation/public-inbox-imapd.pod
index 23577a69..85bf3651 100644
--- a/Documentation/public-inbox-imapd.pod
+++ b/Documentation/public-inbox-imapd.pod
@@ -27,12 +27,12 @@ are supported and documented below.
=over
-=item -l PROTO://ADDRESS/?cert=/path/to/cert,key=/path/to/key
+=item -l PROTOCOL://ADDRESS/?cert=/path/to/cert,key=/path/to/key
-=item --listen PROTO://ADDRESS/?cert=/path/to/cert,key=/path/to/key
+=item --listen PROTOCOL://ADDRESS/?cert=/path/to/cert,key=/path/to/key
In addition to the normal C<-l>/C<--listen> switch described in
-L<public-inbox-daemon(8)>, the C<PROTO> prefix (e.g. C<imap://> or
+L<public-inbox-daemon(8)>, the C<PROTOCOL> prefix (e.g. C<imap://> or
C<imaps://>) may be specified to force a given protocol.
For STARTTLS and IMAPS support, the C<cert> and C<key> may be specified
diff --git a/Documentation/public-inbox-netd.pod b/Documentation/public-inbox-netd.pod
index 4dc27749..71425e3c 100644
--- a/Documentation/public-inbox-netd.pod
+++ b/Documentation/public-inbox-netd.pod
@@ -25,9 +25,9 @@ See common options in L<public-inbox-daemon(8)/OPTIONS>.
=over
-=item -l PROTO://ADDRESS/?cert=/path/to/cert,key=/path/to/key
+=item -l PROTOCOL://ADDRESS/?cert=/path/to/cert,key=/path/to/key
-=item --listen PROTO://ADDRESS/?cert=/path/to/cert,key=/path/to/key
+=item --listen PROTOCOL://ADDRESS/?cert=/path/to/cert,key=/path/to/key
=item -l http://ADDRESS/?env.PI_CONFIG=/path/to/cfg,psgi=/path/to/app.psgi
diff --git a/Documentation/public-inbox-nntpd.pod b/Documentation/public-inbox-nntpd.pod
index cf53da59..59111f92 100644
--- a/Documentation/public-inbox-nntpd.pod
+++ b/Documentation/public-inbox-nntpd.pod
@@ -26,9 +26,9 @@ are supported and documented below.
=over
-=item -l PROTO://ADDRESS/?cert=/path/to/cert,key=/path/to/key
+=item -l PROTOCOL://ADDRESS/?cert=/path/to/cert,key=/path/to/key
-=item --listen PROTO://ADDRESS/?cert=/path/to/cert,key=/path/to/key
+=item --listen PROTOCOL://ADDRESS/?cert=/path/to/cert,key=/path/to/key
In addition to the normal C<-l>/C<--listen> switch described in
L<public-inbox-daemon(8)>, the protocol prefix (e.g. C<nntp://> or
diff --git a/Documentation/public-inbox-pop3d.pod b/Documentation/public-inbox-pop3d.pod
index 0404c2a7..fb16fb96 100644
--- a/Documentation/public-inbox-pop3d.pod
+++ b/Documentation/public-inbox-pop3d.pod
@@ -50,12 +50,12 @@ See common options in L<public-inbox-daemon(8)/OPTIONS>.
=over
-=item -l PROTO://ADDRESS/?cert=/path/to/cert,key=/path/to/key
+=item -l PROTOCOL://ADDRESS/?cert=/path/to/cert,key=/path/to/key
-=item --listen PROTO://ADDRESS/?cert=/path/to/cert,key=/path/to/key
+=item --listen PROTOCOL://ADDRESS/?cert=/path/to/cert,key=/path/to/key
In addition to the normal C<-l>/C<--listen> switch described in
-L<public-inbox-daemon(8)>, the C<PROTO> prefix (e.g. C<pop3://> or
+L<public-inbox-daemon(8)>, the C<PROTOCOL> prefix (e.g. C<pop3://> or
C<pop3s://>) may be specified to force a given protocol.
For STARTTLS and POP3S support, the C<cert> and C<key> may be specified
^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-08-11 20:13 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-08-11 20:13 [PATCH 0/4] doc updates and simplifications Eric Wong
2022-08-11 20:13 ` [PATCH 1/4] doc: drop ancient Apache and WEBrick examples Eric Wong
2022-08-11 20:13 ` [PATCH 2/4] examples: consolidate systemd socket examples Eric Wong
2022-08-11 20:13 ` [PATCH 3/4] examples: add systemd files for -netd Eric Wong
2022-08-11 20:13 ` [PATCH 4/4] doc: spell out "PROTOCOL" in examples Eric Wong
Code repositories for project(s) associated with this public inbox
https://80x24.org/public-inbox.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).