More configuration documentation
git-svn-id: http://repo.ham.fi/svn/aprsc/trunk@795 3ce903b1-3385-4e86-93cd-f9a4a239f7ac
This commit is contained in:
Heikki Hannikainen
parent
12a1425b63
commit
ef90a847a0
|
|
@ -7,17 +7,18 @@ Command line parameters and startup
|
|||
|
||||
aprsc understands a few command line parameters. On Ubuntu/Debian derived
|
||||
systems these go to /etc/default/aprsc, on other systems they go in the init
|
||||
script starting up the software.
|
||||
script starting up the software. Shown here are the settings installed by
|
||||
default when installing aprsc from a binary package.
|
||||
|
||||
* -u aprsc: switch to user 'aprsc' as soon as possible
|
||||
* -t /opt/aprsc: chroot to the given directory after starting
|
||||
* -f: fork to a daemon
|
||||
* -e info: log at level info (can be changed to "debug" for more verbose
|
||||
* `-u aprsc` - switch to user 'aprsc' as soon as possible
|
||||
* `-t /opt/aprsc` - chroot to the given directory after starting
|
||||
* `-f` - fork to a daemon
|
||||
* `-e info` - log at level info (can be changed to "debug" for more verbose
|
||||
logging)
|
||||
* -o file: log to file (can be changed to "stderr" for supervisord and debugging, or "syslog"
|
||||
* `-o file` - log to file (can be changed to "stderr" for supervisord and debugging, or "syslog"
|
||||
for syslogd)
|
||||
* -r logs: log file directory, log files are placed in /opt/aprsc/logs
|
||||
* -c etc/aprsc.onf: configuration file location
|
||||
* `-r logs` - log file directory, log files are placed in /opt/aprsc/logs
|
||||
* `-c etc/aprsc.conf` - configuration file location
|
||||
|
||||
Since the daemon chroots to /opt/aprsc, all paths are relative to that
|
||||
directory and the daemon cannot access any files outside the chroot. The
|
||||
|
|
@ -25,6 +26,15 @@ supplied startup script copies a couple of essential files from /etc top
|
|||
/opt/aprsc/etc so that DNS lookups work (hosts, resolv.conf, gai.conf,
|
||||
/nsswitch.conf).
|
||||
|
||||
aprsc refuses to run as root, but it should be started to root so that it
|
||||
can do the chroot() dance and adjust resource limits as needed. When started
|
||||
as root, it requires that the -u parameter is set to an unprivileged user.
|
||||
Right after the chroot() it switches to the specified user to reduce the
|
||||
damage potential. For security reasons it's a good idea to have a separate
|
||||
unprivileged user account for aprsc. The official binary aprsc packages
|
||||
automatically creates the aprsc user account and uses that in the
|
||||
configuration.
|
||||
|
||||
aprsc can log to syslog too, but that'd require bringing the
|
||||
syslog socket within the chroot.
|
||||
|
||||
|
|
@ -36,7 +46,7 @@ Configuration file options in aprsc.conf
|
|||
|
||||
* ServerId NOCALL
|
||||
|
||||
This is your unique server ID. Typically contains either a callsign and
|
||||
This is your unique server ID. Typically contains a callsign and
|
||||
an SSID.
|
||||
|
||||
* PassCode 0
|
||||
|
|
@ -64,7 +74,7 @@ Configuration file options in aprsc.conf
|
|||
|
||||
Timer settings assume the time is specified in seconds, but allow appending
|
||||
one of s, m, h, d to multiply the given value by the number of seconds in a
|
||||
second, month, hour and day respectively. Examples:
|
||||
second, minute, hour and day respectively. Examples:
|
||||
|
||||
* 600 - 600 seconds
|
||||
* 600s - 600 seconds
|
||||
|
|
@ -173,3 +183,57 @@ directives, one with an IPv4 address and another with the IPv6 one.
|
|||
UplinkBind 127.0.0.1
|
||||
UplinkBind dead:beef::15:f00d
|
||||
|
||||
### HTTP server ###
|
||||
|
||||
aprsc can listen for HTTP requests on one or multiple TCP ports. Each HTTP
|
||||
port responds to either status page queries, or takes in HTTP-based position
|
||||
uploads, but not both. HTTP listener configuration directioves take an IP
|
||||
address and a TCP port. Like the other Listeners, :: means "all addresses"
|
||||
for IPv6, 0.0.0.0 means "all addresses" for IPv4. On Linux, Solaris and OS X
|
||||
the :: IPv6 listener will also accept IPv4 connections happily, so you don't
|
||||
usually need a separate IPv4 listener.
|
||||
|
||||
The status page HTTP service is configured using HTTPStatus. Here's a
|
||||
configuration example for the APRS-IS standard status port 14501:
|
||||
|
||||
HTTPStatus :: 14501
|
||||
|
||||
The HTTP position upload service is configured using the HTTPUpload
|
||||
directive. Here's an example for the APRS-IS standard position submission
|
||||
port 8080:
|
||||
|
||||
HTTPUpload :: 8080
|
||||
|
||||
Multiple HTTPStatus and HTTPUpload directives can be entered to listen on
|
||||
multiple addresses or ports:
|
||||
|
||||
HTTPUpload 127.0.0.1 8080
|
||||
HTTPUpload 10.73.88.99 8080
|
||||
HTTPUpload ::1 8080
|
||||
HTTPUpload f00d::beef:bac0:ca1f 8080
|
||||
|
||||
### Environment ###
|
||||
|
||||
When the server starts up as the super-user (root), it can increase some
|
||||
resource limits automatically. When not starting as root these directives
|
||||
have no effect.
|
||||
|
||||
If you wish to run a server which accepts a very large amount of users
|
||||
(usually not necessary), the amount of connections a server can accept can
|
||||
be limited by the operating system's limits for maximum open file
|
||||
descriptors per process. The FileLimit directive can be used to adjust this
|
||||
limit.
|
||||
|
||||
FileLimit 10000
|
||||
|
||||
### Operator attention span qualification run ###
|
||||
|
||||
The example configuration file contains an invalid configuration directive
|
||||
in the end for the purpose of making sure the operator actually reads
|
||||
through the file and adjusts it to match his needs. If it caught you by
|
||||
surprise, you should probably read through the whole configuration file with
|
||||
some added thought, and cross-reference the configuration directives with
|
||||
this document.
|
||||
|
||||
Think of this as the "brown M&M's test" by Van Halen, adapted for the APRS-IS.
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue