diff options
Diffstat (limited to '')
-rw-r--r-- | Makefile | 21 | ||||
-rw-r--r-- | README.7 | 16 | ||||
-rw-r--r-- | calico.1 | 40 | ||||
-rwxr-xr-x | configure | 1 | ||||
-rw-r--r-- | pounce.1 | 51 | ||||
-rw-r--r-- | rc.d/calico.in | 30 | ||||
-rw-r--r-- | rc.d/pounce.in | 64 |
7 files changed, 21 insertions, 202 deletions
diff --git a/Makefile b/Makefile index 0fcadf5..2eb2491 100644 --- a/Makefile +++ b/Makefile @@ -1,15 +1,11 @@ PREFIX ?= /usr/local MANDIR ?= ${PREFIX}/share/man -ETCDIR ?= ${PREFIX}/etc -RUNDIR ?= /var/run CFLAGS += -std=c11 -Wall -Wextra -Wpedantic LDLIBS = -lcrypt -ltls BINS = calico pounce MANS = ${BINS:=.1} -RCS = ${BINS:%=rc.d/%} -DIRS = ${ETCDIR}/pounce ${RUNDIR}/calico -include config.mk @@ -34,33 +30,20 @@ pounce: ${OBJS} ${OBJS}: bounce.h -.SUFFIXES: .in - -.in: - sed -e 's|%%PREFIX%%|${PREFIX}|g' $< > $@ - tags: *.c *.h ctags -w *.c *.h clean: - rm -f tags ${BINS} ${RCS} ${OBJS} dispatch.o + rm -f tags ${BINS} ${OBJS} dispatch.o -install: ${BINS} ${MANS} ${INSTALLS} +install: ${BINS} ${MANS} install -d ${DESTDIR}${PREFIX}/bin ${DESTDIR}${MANDIR}/man1 install ${BINS} ${DESTDIR}${PREFIX}/bin install -m 644 ${MANS} ${DESTDIR}${MANDIR}/man1 -install-rcs: ${RCS} - install -d ${DESTDIR}${ETCDIR}/rc.d - install ${RCS} ${DESTDIR}${ETCDIR}/rc.d - -install-dirs: - install -d ${DIRS:%=${DESTDIR}%} - uninstall: rm -f ${BINS:%=${DESTDIR}${PREFIX}/bin/%} rm -f ${MANS:%=${DESTDIR}${MANDIR}/man1/%} - rm -f ${RCS:%=${DESTDIR}${ETCDIR}/%} localhost.crt: printf "[dn]\nCN=localhost\n[req]\ndistinguished_name=dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth" \ diff --git a/README.7 b/README.7 index 221ffdb..77ba236 100644 --- a/README.7 +++ b/README.7 @@ -1,4 +1,4 @@ -.Dd August 24, 2020 +.Dd August 27, 2020 .Dt README 7 .Os "Causal Agency" . @@ -84,6 +84,16 @@ to find it. PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ./configure .Ed . +.Pp +On +.Fx +and +.Ox +the recommended way to run +.Nm +is with the process supervisor +.Lk https://git.causal.agency/catsit catsit . +. .Ss Additional Components Additional functionality can be provided by special-purpose clients connected to @@ -128,10 +138,6 @@ configuration parsing XDG base directories .It Pa dispatch.c SNI socket dispatch -.It Pa rc.d/ -.Fx -.Xr rc 8 -scripts .El . .Sh CONTRIBUTING diff --git a/calico.1 b/calico.1 index 1c28365..1b9ec67 100644 --- a/calico.1 +++ b/calico.1 @@ -1,4 +1,4 @@ -.Dd May 19, 2020 +.Dd August 27, 2020 .Dt CALICO 1 .Os . @@ -37,6 +37,12 @@ Incoming connections are passed directly to instances of .Xr pounce 1 , which handle TLS negotiation. +Instances of +.Xr pounce 1 +and +.Nm +can be restarted +independently of each other. . .Pp The arguments are as follows: @@ -60,38 +66,6 @@ The path to the directory containing UNIX-domain sockets. .El . -.Ss Service Configuration -Add the following to -.Pa /etc/rc.conf -to enable the -.Nm -daemon: -.Bd -literal -offset indent -calico_enable="YES" -.Ed -. -.Pp -The default socket directory is -.Pa /var/run/calico . -It can be changed by setting -.Va calico_path . -The -.Xr pounce 1 -service can be configured -to listen in this directory -with the following: -.Bd -literal -offset indent -pounce_flags="-U /var/run/calico" -.Ed -. -.Pp -The -.Nm -and -.Xr pounce 1 -services can be started and stopped -independently of each other. -. .Sh EXAMPLES Obtain certificates for and dispatch to two instances of diff --git a/configure b/configure index 95ea53c..12f411c 100755 --- a/configure +++ b/configure @@ -36,7 +36,6 @@ case "$(uname)" in config libtls defstr OPENSSL_BIN /usr/bin/openssl defstr CERTBOT_PATH /usr/local/etc/letsencrypt - echo 'INSTALLS = install-rcs install-dirs' ;; (Linux) cflags -D_GNU_SOURCE diff --git a/pounce.1 b/pounce.1 index 419400b..f0ba78b 100644 --- a/pounce.1 +++ b/pounce.1 @@ -1,4 +1,4 @@ -.Dd August 25, 2020 +.Dd August 27, 2020 .Dt POUNCE 1 .Os . @@ -540,55 +540,6 @@ sasl-external .Ed .El . -.Ss Service Configuration -On -.Fx , -add the following to -.Pa /etc/rc.conf -to enable the -.Nm -daemon: -.Bd -literal -offset indent -pounce_enable="YES" -pounce_user="user" -pounce_env="HOME=/home/user" -.Ed -. -.Pp -The -.Nm -service supports profiles -for running multiple instances. -Set -.Va pounce_profiles -to a space-separated list of names. -Flags for each profile will be set from -.Va pounce_${profile}_flags . -For example: -.Bd -literal -offset indent -pounce_profiles="example1 example2" -pounce_example1_flags="example1.conf" -pounce_example2_flags="example2.conf" -.Ed -. -.Pp -The commands -.Cm start , stop , -etc.\& -will operate on the profile given as an additional argument, -or on all profiles without an additional argument. -. -.Pp -The -.Cm reload -command will cause the -.Nm -daemon to reload certificate files. -To reload other configuration, -use the -.Cm restart -command. -. .Sh ENVIRONMENT .Bl -tag -width Ds .It Ev USER diff --git a/rc.d/calico.in b/rc.d/calico.in deleted file mode 100644 index a54658a..0000000 --- a/rc.d/calico.in +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/sh - -# PROVIDE: calico -# REQUIRE: LOGIN -# KEYWORD: shutdown - -. /etc/rc.subr - -name='calico' -rcvar='calico_enable' - -load_rc_config "${name}" - -: ${calico_enable:='NO'} -: ${calico_path:="/var/run/${name}"} -calico_flags="${calico_flags} ${calico_path}" - -command='/usr/sbin/daemon' -procname='%%PREFIX%%/bin/calico' -pidfile="/var/run/${name}.pid" -required_dirs=$calico_path - -child_flags=$calico_flags -child_user=$calico_user -unset calico_flags calico_user -command_args="\ - -p ${pidfile} -T ${name} ${child_user:+-u ${child_user}} \ - -- ${procname} ${child_flags}" - -run_rc_command "$1" diff --git a/rc.d/pounce.in b/rc.d/pounce.in deleted file mode 100644 index b8dda40..0000000 --- a/rc.d/pounce.in +++ /dev/null @@ -1,64 +0,0 @@ -#!/bin/sh - -# PROVIDE: pounce -# REQUIRE: LOGIN -# KEYWORD: shutdown - -. /etc/rc.subr - -name='pounce' -rcvar='pounce_enable' -extra_commands='reload' -sig_reload='USR1' - -load_rc_config "${name}" - -: ${pounce_enable:='NO'} -: ${pounce_chdir:="%%PREFIX%%/etc/${name}"} - -command='/usr/sbin/daemon' -pidprefix="/var/run/${name}" -pidfile="${pidprefix}.pid" -required_dirs=$pounce_chdir - -child_command='%%PREFIX%%/bin/pounce' -child_pidfile="${pidprefix}.child.pid" - -if [ -n "$2" ]; then - profile=$2 - if [ -n "${pounce_profiles}" ]; then - pidfile="${pidprefix}.${profile}.pid" - child_pidfile="${pidprefix}.${profile}.child.pid" - eval pounce_enable="\${pounce_${profile}_enable:-${pounce_enable}}" - eval pounce_flags="\${pounce_${profile}_flags:-${pounce_flags}}" - eval pounce_chdir="\${pounce_${profile}_chdir:-${pounce_chdir}}" - eval pounce_user="\${pounce_${profile}_user:-${pounce_user}}" - eval pounce_env="\${pounce_${profile}_env:-${pounce_env}}" - else - echo "$0: extra argument ignored" - fi -else - if [ -n "${pounce_profiles}" -a -n "$1" ]; then - for profile in ${pounce_profiles}; do - echo "===> ${name} profile: ${profile}" - %%PREFIX%%/etc/rc.d/${name} "$1" "${profile}" || exit "$?" - done - exit - fi -fi - -child_flags=$pounce_flags -child_user=$pounce_user -unset pounce_flags pounce_user -command_args="\ - -r -P ${pidfile} -p ${child_pidfile} -T ${name}${profile:+/${profile}} \ - ${child_user:+-u ${child_user}} \ - -- ${child_command} ${child_flags}" - -pounce_reload() { - rc_pid=$(check_pidfile "$child_pidfile" "$child_command") - kill "-$sig_reload" "$rc_pid" -} -reload_cmd='pounce_reload' - -run_rc_command "$1" |