2013-10-15 03:41:47 +04:00
<?xml version="1.0"?>
<!-- * - nxml - * -->
< !DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!--
This file is part of systemd.
Copyright 2013 David Strauss
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http: / / w w w . g n u . o r g / l i c e n s e s /> .
-->
2013-10-18 04:40:26 +04:00
<refentry id= "systemd-socket-proxyd" >
2013-10-15 03:41:47 +04:00
<refentryinfo >
2013-10-18 04:40:26 +04:00
<title > systemd-socket-proxyd</title>
2013-10-15 03:41:47 +04:00
<productname > systemd</productname>
<authorgroup >
<author >
<contrib > Developer</contrib>
<firstname > David</firstname>
<surname > Strauss</surname>
<email > david@davidstrauss.net</email>
</author>
</authorgroup>
</refentryinfo>
<refmeta >
2013-10-18 04:40:26 +04:00
<refentrytitle > systemd-socket-proxyd</refentrytitle>
2013-11-28 00:14:56 +04:00
<manvolnum > 8</manvolnum>
2013-10-15 03:41:47 +04:00
</refmeta>
<refnamediv >
2013-10-18 04:40:26 +04:00
<refname > systemd-socket-proxyd</refname>
2013-11-07 01:40:54 +04:00
<refpurpose > Bidirectionally proxy local sockets to another (possibly remote) socket.</refpurpose>
2013-10-15 03:41:47 +04:00
</refnamediv>
<refsynopsisdiv >
<cmdsynopsis >
2013-10-18 04:40:26 +04:00
<command > systemd-socket-proxyd</command>
2013-11-07 01:40:54 +04:00
<arg choice= "opt" rep= "repeat" > <replaceable > OPTIONS</replaceable> </arg>
<arg choice= "plain" > <replaceable > HOST</replaceable> :<replaceable > PORT</replaceable> </arg>
2013-10-15 03:41:47 +04:00
</cmdsynopsis>
<cmdsynopsis >
2013-10-18 04:40:26 +04:00
<command > systemd-socket-proxyd</command>
2013-11-07 01:40:54 +04:00
<arg choice= "opt" rep= "repeat" > <replaceable > OPTIONS</replaceable> </arg>
2013-10-15 03:41:47 +04:00
<arg choice= "plain" > <replaceable > UNIX-DOMAIN-SOCKET-PATH</replaceable>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 >
<title > Description</title>
<para >
2013-11-07 01:40:54 +04:00
<command > systemd-socket-proxyd</command> is a generic
socket-activated network socket forwarder proxy daemon
2013-11-27 23:55:15 +04:00
for IPv4, IPv6 and UNIX stream sockets. It may be used
2013-11-07 01:40:54 +04:00
to bi-directionally forward traffic from a local listening socket to a
local or remote destination socket.</para>
<para > One use of this tool is to provide
2013-11-07 04:17:48 +04:00
socket activation support for services that do not
2013-11-07 01:40:54 +04:00
natively support socket activation. On behalf of the
service to activate, the proxy inherits the socket
from systemd, accepts each client connection, opens a
connection to a configured server for each client, and
then bidirectionally forwards data between the
two.</para>
2013-10-15 03:41:47 +04:00
<para > This utility's behavior is similar to
2013-10-22 03:50:48 +04:00
<citerefentry > <refentrytitle > socat</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry> .
2013-10-18 04:40:26 +04:00
The main differences for <command > systemd-socket-proxyd</command>
2013-10-15 03:41:47 +04:00
are support for socket activation with
<literal > Accept=false</literal> and an event-driven
design that scales better with the number of
connections.</para>
</refsect1>
<refsect1 >
<title > Options</title>
<para > The following options are understood:</para>
<variablelist >
<varlistentry >
<term > <option > -h</option> </term>
<term > <option > --help</option> </term>
<listitem >
<para > Prints a short help
text and exits.</para>
</listitem>
</varlistentry>
<varlistentry >
<term > <option > --version</option> </term>
<listitem >
<para > Prints a version
string and exits.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 >
<title > Exit status</title>
2013-10-22 03:50:48 +04:00
<para > On success, 0 is returned, a non-zero failure
2013-10-15 03:41:47 +04:00
code otherwise.</para>
</refsect1>
<refsect1 >
<title > Examples</title>
<refsect2 >
2013-11-28 00:14:08 +04:00
<title > Simple Example</title>
2013-10-15 03:41:47 +04:00
<para > Use two services with a dependency
and no namespace isolation.</para>
2013-11-28 00:14:08 +04:00
<example >
<title > proxy-to-nginx.socket</title>
2014-02-14 18:56:19 +04:00
<programlisting > < ![CDATA[[Socket]
2013-10-15 03:41:47 +04:00
ListenStream=80
[Install]
2014-02-14 18:56:19 +04:00
WantedBy=sockets.target]]></programlisting>
2013-10-15 03:41:47 +04:00
</example>
2013-11-28 00:14:08 +04:00
<example >
<title > proxy-to-nginx.service</title>
2014-02-14 18:56:19 +04:00
<programlisting > < ![CDATA[[Unit]
2013-10-15 03:41:47 +04:00
Requires=nginx.service
2013-11-28 00:14:08 +04:00
After=nginx.service
2013-10-15 03:41:47 +04:00
[Service]
2013-11-28 00:14:08 +04:00
ExecStart=/usr/lib/systemd/systemd-socket-proxyd /tmp/nginx.sock
PrivateTmp=yes
2014-02-14 18:56:19 +04:00
PrivateNetwork=yes]]></programlisting>
2013-10-15 03:41:47 +04:00
</example>
2013-11-28 00:14:08 +04:00
<example >
<title > nginx.conf</title>
2013-10-15 03:41:47 +04:00
<programlisting >
< ![CDATA[[...]
server {
listen unix:/tmp/nginx.sock;
[...]]]>
</programlisting>
</example>
2013-11-28 00:14:08 +04:00
<example >
<title > Enabling the proxy</title>
2014-02-14 18:56:19 +04:00
<programlisting > < ![CDATA[# systemctl enable proxy-to-nginx.socket
2013-10-22 03:50:49 +04:00
# systemctl start proxy-to-nginx.socket
2014-02-14 18:56:19 +04:00
$ curl http://localhost:80/]]></programlisting>
2013-10-15 03:41:47 +04:00
</example>
</refsect2>
<refsect2 >
2013-11-28 00:14:08 +04:00
<title > Namespace Example</title>
<para > Similar as above, but runs the socket
proxy and the main service in the same private
namespace, assuming that
<filename > nginx.service</filename> has
<varname > PrivateTmp=</varname> and
<varname > PrivateNetwork=</varname> set,
too.</para>
<example >
<title > proxy-to-nginx.socket</title>
2014-02-14 18:56:19 +04:00
<programlisting > < ![CDATA[[Socket]
2013-10-15 03:41:47 +04:00
ListenStream=80
[Install]
2014-02-14 18:56:19 +04:00
WantedBy=sockets.target]]></programlisting>
2013-10-15 03:41:47 +04:00
</example>
2013-11-28 00:14:08 +04:00
<example >
<title > proxy-to-nginx.service</title>
2014-02-14 18:56:19 +04:00
<programlisting > < ![CDATA[[Unit]
2013-11-28 00:14:08 +04:00
Requires=nginx.service
After=nginx.service
JoinsNamespaceOf=nginx.service
2013-10-15 03:41:47 +04:00
[Service]
2013-11-28 00:14:08 +04:00
ExecStart=/usr/lib/systemd/systemd-socket-proxyd 127.0.0.1:8080
PrivateTmp=yes
2014-02-14 18:56:19 +04:00
PrivateNetwork=yes]]></programlisting>
2013-10-15 03:41:47 +04:00
</example>
2013-11-28 00:14:08 +04:00
<example >
<title > nginx.conf</title>
2014-02-14 18:56:19 +04:00
<programlisting > < ![CDATA[[...]
2013-10-15 03:41:47 +04:00
server {
listen 8080;
listen unix:/tmp/nginx.sock;
2014-02-14 18:56:19 +04:00
[...]]]></programlisting>
2013-10-15 03:41:47 +04:00
</example>
2013-11-28 00:14:08 +04:00
<example >
<title > Enabling the proxy</title>
2014-02-14 18:56:19 +04:00
<programlisting > < ![CDATA[# systemctl enable proxy-to-nginx.socket
2013-11-28 00:14:08 +04:00
# systemctl start proxy-to-nginx.socket
2014-02-14 18:56:19 +04:00
$ curl http://localhost:80/]]></programlisting>
2013-10-15 03:41:47 +04:00
</example>
</refsect2>
</refsect1>
<refsect1 >
<title > See Also</title>
<para >
2013-11-07 01:40:54 +04:00
<citerefentry > <refentrytitle > systemd</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry> ,
<citerefentry > <refentrytitle > systemd.socket</refentrytitle> <manvolnum > 5</manvolnum> </citerefentry> ,
<citerefentry > <refentrytitle > systemd.service</refentrytitle> <manvolnum > 5</manvolnum> </citerefentry> ,
<citerefentry > <refentrytitle > systemctl</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry> ,
2013-11-28 00:14:08 +04:00
<citerefentry > <refentrytitle > socat</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry> ,
<citerefentry > <refentrytitle > nginx</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry> ,
<citerefentry > <refentrytitle > curl</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry>
2013-11-07 01:40:54 +04:00
</para>
2013-10-15 03:41:47 +04:00
</refsect1>
</refentry>