mirror of
https://git.proxmox.com/git/systemd
synced 2025-05-29 11:49:14 +00:00
210 lines
4.6 KiB
Groff
210 lines
4.6 KiB
Groff
'\" t
|
|
.TH "SYSTEMD\-SOCKET\-PROXYD" "8" "" "systemd 219" "systemd-socket-proxyd"
|
|
.\" -----------------------------------------------------------------
|
|
.\" * Define some portability stuff
|
|
.\" -----------------------------------------------------------------
|
|
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
.\" http://bugs.debian.org/507673
|
|
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
|
|
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
.ie \n(.g .ds Aq \(aq
|
|
.el .ds Aq '
|
|
.\" -----------------------------------------------------------------
|
|
.\" * set default formatting
|
|
.\" -----------------------------------------------------------------
|
|
.\" disable hyphenation
|
|
.nh
|
|
.\" disable justification (adjust text to left margin only)
|
|
.ad l
|
|
.\" -----------------------------------------------------------------
|
|
.\" * MAIN CONTENT STARTS HERE *
|
|
.\" -----------------------------------------------------------------
|
|
.SH "NAME"
|
|
systemd-socket-proxyd \- Bidirectionally proxy local sockets to another (possibly remote) socket\&.
|
|
.SH "SYNOPSIS"
|
|
.HP \w'\fBsystemd\-socket\-proxyd\fR\ 'u
|
|
\fBsystemd\-socket\-proxyd\fR [\fIOPTIONS\fR...] \fIHOST\fR:\fIPORT\fR
|
|
.HP \w'\fBsystemd\-socket\-proxyd\fR\ 'u
|
|
\fBsystemd\-socket\-proxyd\fR [\fIOPTIONS\fR...] \fIUNIX\-DOMAIN\-SOCKET\-PATH\fR
|
|
.SH "DESCRIPTION"
|
|
.PP
|
|
\fBsystemd\-socket\-proxyd\fR
|
|
is a generic socket\-activated network socket forwarder proxy daemon for IPv4, IPv6 and UNIX stream sockets\&. It may be used to bi\-directionally forward traffic from a local listening socket to a local or remote destination socket\&.
|
|
.PP
|
|
One use of this tool is to provide socket activation support for services that do not natively support socket activation\&. On behalf of the service to activate, the proxy inherits the socket from systemd, accepts each client connection, opens a connection to a configured server for each client, and then bidirectionally forwards data between the two\&.
|
|
.PP
|
|
This utility\*(Aqs behavior is similar to
|
|
\fBsocat\fR(1)\&. The main differences for
|
|
\fBsystemd\-socket\-proxyd\fR
|
|
are support for socket activation with
|
|
"Accept=false"
|
|
and an event\-driven design that scales better with the number of connections\&.
|
|
.SH "OPTIONS"
|
|
.PP
|
|
The following options are understood:
|
|
.PP
|
|
\fB\-h\fR, \fB\-\-help\fR
|
|
.RS 4
|
|
Print a short help text and exit\&.
|
|
.RE
|
|
.PP
|
|
\fB\-\-version\fR
|
|
.RS 4
|
|
Print a short version string and exit\&.
|
|
.RE
|
|
.SH "EXIT STATUS"
|
|
.PP
|
|
On success, 0 is returned, a non\-zero failure code otherwise\&.
|
|
.SH "EXAMPLES"
|
|
.SS "Simple Example"
|
|
.PP
|
|
Use two services with a dependency and no namespace isolation\&.
|
|
.PP
|
|
\fBExample\ \&1.\ \&proxy-to-nginx.socket\fR
|
|
.sp
|
|
.if n \{\
|
|
.RS 4
|
|
.\}
|
|
.nf
|
|
[Socket]
|
|
ListenStream=80
|
|
|
|
[Install]
|
|
WantedBy=sockets\&.target
|
|
.fi
|
|
.if n \{\
|
|
.RE
|
|
.\}
|
|
.PP
|
|
\fBExample\ \&2.\ \&proxy-to-nginx.service\fR
|
|
.sp
|
|
.if n \{\
|
|
.RS 4
|
|
.\}
|
|
.nf
|
|
[Unit]
|
|
Requires=nginx\&.service
|
|
After=nginx\&.service
|
|
|
|
[Service]
|
|
ExecStart=/usr/lib/systemd/systemd\-socket\-proxyd /tmp/nginx\&.sock
|
|
PrivateTmp=yes
|
|
PrivateNetwork=yes
|
|
.fi
|
|
.if n \{\
|
|
.RE
|
|
.\}
|
|
.PP
|
|
\fBExample\ \&3.\ \&nginx.conf\fR
|
|
.sp
|
|
.if n \{\
|
|
.RS 4
|
|
.\}
|
|
.nf
|
|
[\&.\&.\&.]
|
|
server {
|
|
listen unix:/tmp/nginx\&.sock;
|
|
[\&.\&.\&.]
|
|
.fi
|
|
.if n \{\
|
|
.RE
|
|
.\}
|
|
.PP
|
|
\fBExample\ \&4.\ \&Enabling the proxy\fR
|
|
.sp
|
|
.if n \{\
|
|
.RS 4
|
|
.\}
|
|
.nf
|
|
# systemctl enable proxy\-to\-nginx\&.socket
|
|
# systemctl start proxy\-to\-nginx\&.socket
|
|
$ curl http://localhost:80/
|
|
.fi
|
|
.if n \{\
|
|
.RE
|
|
.\}
|
|
.SS "Namespace Example"
|
|
.PP
|
|
Similar as above, but runs the socket proxy and the main service in the same private namespace, assuming that
|
|
nginx\&.service
|
|
has
|
|
\fIPrivateTmp=\fR
|
|
and
|
|
\fIPrivateNetwork=\fR
|
|
set, too\&.
|
|
.PP
|
|
\fBExample\ \&5.\ \&proxy-to-nginx.socket\fR
|
|
.sp
|
|
.if n \{\
|
|
.RS 4
|
|
.\}
|
|
.nf
|
|
[Socket]
|
|
ListenStream=80
|
|
|
|
[Install]
|
|
WantedBy=sockets\&.target
|
|
.fi
|
|
.if n \{\
|
|
.RE
|
|
.\}
|
|
.PP
|
|
\fBExample\ \&6.\ \&proxy-to-nginx.service\fR
|
|
.sp
|
|
.if n \{\
|
|
.RS 4
|
|
.\}
|
|
.nf
|
|
[Unit]
|
|
Requires=nginx\&.service
|
|
After=nginx\&.service
|
|
JoinsNamespaceOf=nginx\&.service
|
|
|
|
[Service]
|
|
ExecStart=/usr/lib/systemd/systemd\-socket\-proxyd 127\&.0\&.0\&.1:8080
|
|
PrivateTmp=yes
|
|
PrivateNetwork=yes
|
|
.fi
|
|
.if n \{\
|
|
.RE
|
|
.\}
|
|
.PP
|
|
\fBExample\ \&7.\ \&nginx.conf\fR
|
|
.sp
|
|
.if n \{\
|
|
.RS 4
|
|
.\}
|
|
.nf
|
|
[\&.\&.\&.]
|
|
server {
|
|
listen 8080;
|
|
listen unix:/tmp/nginx\&.sock;
|
|
[\&.\&.\&.]
|
|
.fi
|
|
.if n \{\
|
|
.RE
|
|
.\}
|
|
.PP
|
|
\fBExample\ \&8.\ \&Enabling the proxy\fR
|
|
.sp
|
|
.if n \{\
|
|
.RS 4
|
|
.\}
|
|
.nf
|
|
# systemctl enable proxy\-to\-nginx\&.socket
|
|
# systemctl start proxy\-to\-nginx\&.socket
|
|
$ curl http://localhost:80/
|
|
.fi
|
|
.if n \{\
|
|
.RE
|
|
.\}
|
|
.SH "SEE ALSO"
|
|
.PP
|
|
\fBsystemd\fR(1),
|
|
\fBsystemd.socket\fR(5),
|
|
\fBsystemd.service\fR(5),
|
|
\fBsystemctl\fR(1),
|
|
\fBsocat\fR(1),
|
|
\fBnginx\fR(1),
|
|
\fBcurl\fR(1)
|