diff options
| -rw-r--r-- | doc/faq.html | 2 | ||||
| -rw-r--r-- | doc/quickstart.html | 14 |
2 files changed, 9 insertions, 7 deletions
diff --git a/doc/faq.html b/doc/faq.html index 24ce2b2..9db5557 100644 --- a/doc/faq.html +++ b/doc/faq.html @@ -76,7 +76,7 @@ server has two network cards and runs a web server on both of them, on IPv4 and IPv6, over HTTP and HTTPS, which makes 8 services. Plus one <a href="//skarnet.org/software/s6/s6-log.html">s6-log</a> logger process for each of these services. Plus a supervisor for every service and every -logger — for a whopping total of 64 long-running processes just for +logger — for a whopping total of 32 long-running processes just for its web server functionality; and it's still not even noticeable, the amount of resources it consumes is negligible. So, don't worry about it; all your resources are still available for the serving itself. diff --git a/doc/quickstart.html b/doc/quickstart.html index 3b2ebe6..e0dd5d0 100644 --- a/doc/quickstart.html +++ b/doc/quickstart.html @@ -76,7 +76,7 @@ corresponding private key is in <tt>/etc/ssl/acme/private/example.com/key.pem</t the basic command line for your HTTPS service could look like: <tt>s6-envuidgid www env CERTFILE=/etc/ssl/acme/example.com/cert.pem KEYFILE=/etc/ssl/acme/private/example.com/key.pem -s6-tlsserver -U -e example.com 443 tipideed</tt>. +s6-tlsserver -U ${ip} 443 tipideed</tt>. <ul> <li> <a href="//skarnet.org/software/s6/s6-envuidgid.html">s6-envuidgid</a> puts the uid and gid of user <tt>www</tt> into the environment. </li> @@ -84,12 +84,14 @@ puts the uid and gid of user <tt>www</tt> into the environment. </li> environment, so TLS programs down the line can find the certificate and key. <li> <a href="//skarnet.org/software/s6-networking/s6-tlsserver.html">s6-tlsserver</a> rewrites itself into a command line that does a lot of different things; the -long-running process is still <a href="//skarnet.org/software/s6-networking/s6-tcpserver.html">s6-tcpserver</a> -listening. For every client connection, it spawns a process that sets up the TLS -transport layer and eventually execs into <tt>tipideed</tt>. </li> +long-running process is still +<a href="//skarnet.org/software/s6-networking/s6-tcpserver.html">s6-tcpserver</a>, +listening and accepting client connections. For every client, it spawns a process +that sets up the TLS transport layer and eventually execs into <tt>tipideed</tt>. </li> <li> <a href="tipideed.html">tipideed</a> always speaks plaintext HTTP, it has -no knowledge of cryptography itself, but it is made aware that it's running under -TLS, and CGI scripts it runs will have the <tt>HTTPS=on</tt> marker. </li> +no knowledge of cryptography itself, but it is aware (via an environment variable) +that it's running under TLS, and CGI scripts it runs will have the +<tt>HTTPS=on</tt> marker. </li> </ul> </li> <li> These command lines will block (remain in the foreground) and log everything to their stderr. For more server-like functionality, you should integrate them to |