Annotation of embedaddon/rsync/stunnel-rsyncd.conf.in, revision 1.1.1.2
1.1 misho 1: # This config for stunnel will start up rsync for an incoming ssl connection.
2: foreground = no
3: #output = /var/log/stunnel-rsyncd.log
4: pid = /var/run/stunnel-rsyncd.pid
5: socket = l:TCP_NODELAY=1
6: socket = r:TCP_NODELAY=1
1.1.1.2 ! misho 7: #compression = rle
1.1 misho 8: # This must be root for rsync to use chroot -- rsync will drop permissions:
9: setuid = root
10: setgid = root
11:
12: [rsync]
13: accept = 874
14: # You can set the cert to a combo *.pem file and omit the key, if you like.
15: cert = /etc/rsync-ssl/certs/server.crt
16: key = /etc/rsync-ssl/certs/server.key
17: client = no
18:
19: # To allow anyone to try an ssl connection, use this:
20: verify = 0
1.1.1.2 ! misho 21: CAfile = /etc/ssl/certs/ca-certificates.crt
1.1 misho 22:
23: # To allow only cert-authorized clients, use something like this instead of the above:
24: #verify = 3
25: #CAfile = /etc/rsync-ssl/certs/allowed-clients.cert.pem
26:
27: exec = @bindir@/rsync
28: # You can either share the same config as a normal daemon, or specify a separate config:
29: execargs = rsync --server --daemon .
30: #execargs = rsync --server --daemon --config=/etc/rsync-ssl/rsyncd.conf .
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>