1: # This config for stunnel will start up rsync for an incoming ssl connection.
2: foreground = no
3: #output = /var/log/stunnel-rsyncd.log
4: pid = /var/run/stunnel-rsyncd.pid
5: socket = l:TCP_NODELAY=1
6: socket = r:TCP_NODELAY=1
7: compression = rle
8: # This must be root for rsync to use chroot -- rsync will drop permissions:
9: setuid = root
10: setgid = root
11:
12: [rsync]
13: accept = 874
14: # You can set the cert to a combo *.pem file and omit the key, if you like.
15: cert = /etc/rsync-ssl/certs/server.crt
16: key = /etc/rsync-ssl/certs/server.key
17: client = no
18:
19: # To allow anyone to try an ssl connection, use this:
20: verify = 0
21: CAfile = /etc/ssl/ca-bundle.pem
22:
23: # To allow only cert-authorized clients, use something like this instead of the above:
24: #verify = 3
25: #CAfile = /etc/rsync-ssl/certs/allowed-clients.cert.pem
26:
27: exec = @bindir@/rsync
28: # You can either share the same config as a normal daemon, or specify a separate config:
29: execargs = rsync --server --daemon .
30: #execargs = rsync --server --daemon --config=/etc/rsync-ssl/rsyncd.conf .
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to stunnel-rsyncd.conf.in CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / rsync