diff options
Diffstat (limited to 'testing/shellinabox/shellinabox.confd')
| -rw-r--r-- | testing/shellinabox/shellinabox.confd | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/testing/shellinabox/shellinabox.confd b/testing/shellinabox/shellinabox.confd new file mode 100644 index 0000000000..e3b7be8748 --- /dev/null +++ b/testing/shellinabox/shellinabox.confd @@ -0,0 +1,78 @@ +# conf.d file for shellinaboxd +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +# Options available (copied from the man page): +# +# Sometimes, it is not necessary to replace the entire style sheet using the +# --static-file option. But instead a small incremental change should be made to +# the visual appearance of the terminal. The --css option provides a means to +# append additional style rules to the end of the default styles.css sheet. More +# than one --css option can be given on the same command line. +# +# You shouldn't need to change this value +# unless you want to load your own style sheets. +SIAB_CSS_DIR="/usr/share/shellinabox-resources" + +# If built with SSL/TLS support enabled, the daemon will look in SIAB_CERT_DIR for any +# certificates. If unspecified, this defaults to the current working directory. +# +# If the browser negotiated a Server Name Identification the daemon will look for +# a matching certificate-SERVERNAME.pem file. This allows for virtual hosting +# of multiple server names on the same IP address and port. +# +# If no SNI handshake took place, it falls back on using the certificate in the +# certificate.pem file. +# +# The administrator should make sure that there are matching certificates for +# each of the virtual hosts on this server, and that there is a generic certifiā +# cate.pem file. +# +# If no suitable certificate is installed, shellinaboxd will attempt to invoke +# /usr/bin/openssl and create a new self-signed certificate. This only +# succeeds if, after dropping privileges, shellinaboxd has write +# permissions for SIAB_CERT_DIR. +# +# Most browsers show a warning message when encountering a self-signed +# certificate and then allow the user the option of accepting the certificate. +# Due to this usability problem, and due to the perceived security +# implications, the use of auto-generated self-signed certificates is intended +# for testing or in intranet deployments, only. +# +SIAB_CERT_DIR="/etc/shellinabox/cert" + +# By default, shellinaboxd redirectes all incoming HTTP requests to their +# equivalent HTTPS URLs. If promoting of connections to encrypted SSL/TLS +# sessions is undesired, this behavior can be disabled. +# +# This option is also useful during testing or for deployment in trusted +# intranets, if SSL certificates are unavailable. +# +# SIAB_DISABLE_SSL and SIAB_CERT_DIR are mutually exclusive options. +# +# Add this option to SIAB_OPTS if you don't want SSL support. +SIAB_DISABLE_SSL="--disable-ssl" + +# Default port to listen on. +SIAB_HTTP_PORT="4200" + +# Run shellinabox as this user. +SIAB_USER="shellinaboxd" + +# Run shellinabox as this group. +SIAB_GROUP="shellinaboxd" + +# Default service to launch +SIAB_SERVICE="/:LOGIN" + +# Beeps are disabled because of reports of the VLC plugin crashing +# Firefox on Linux/x86_64. +SIAB_OPTS="--no-beep" + +# Do not add both SIAB_CSS_DIR or SIAB_CERT_DIR to SIAB_OPTS. + +# Default setup turns off SSL. +SIAB_OPTS="${SIAB_OPTS} ${SIAB_DISABLE_SSL} --port=${SIAB_HTTP_PORT} --user=${SIAB_USER} --group=${SIAB_GROUP} --service=${SIAB_SERVICE}" + +# Uncomment this line to activate SSL. +# SIAB_OPTS="--cert=${SIAB_CERT_DIR} --port=${SIAB_HTTP_PORT} --user=${SIAB_USER} --group=${SIAB_GROUP} --service=${SIAB_SERVICE}" |