From 6be5496f8a5660875c5f45f915210f69496d231b Mon Sep 17 00:00:00 2001 From: Laurent Bercot Date: Wed, 20 Sep 2023 09:29:16 +0000 Subject: More doc Signed-off-by: Laurent Bercot --- doc/tipideed.html | 41 +++++++++++++++++++++++++++++++++++------ 1 file changed, 35 insertions(+), 6 deletions(-) (limited to 'doc/tipideed.html') diff --git a/doc/tipideed.html b/doc/tipideed.html index b6b39f6..b11a63c 100644 --- a/doc/tipideed.html +++ b/doc/tipideed.html @@ -84,19 +84,19 @@ of the tipidee package provides service templates to help you run tipideed under

Exit codes

-
0
clean exit. The client closed the connection after a stream of +
0
Clean exit. The client closed the connection after a stream of HTTP exchanges.
1
Illicit client behaviour. tipideed exited because it could not serve the client in good faith.
2
Illicit CGI script behaviour. tipideed exited because the invoked CGI script made it impossible to continue. Before exiting, tipideed likely has sent a 502 (Bad Gateway) response to the client.
-
100
bad usage. tipideed has been run in an incorrect way: bad command +
100
Bad usage. tipideed has been run in an incorrect way: bad command line options, or missing environment variables, etc.
-
101
cannot happen. This signals a bug in tipideed, and comes with an +
101
Cannot happen. This signals a bug in tipideed, and comes with an error message asking you to report the bug. Please do so, on the skaware mailing-list.
-
111
system call failed. If this happens while serving a request, +
111
System call failed. If this happens while serving a request, tipideed likely has sent a 500 (Internal Server Error) response to the client before exiting.
@@ -182,11 +182,40 @@ not rely on.
-v verbosity
The level of log verbosity. This is the same as the global verbosity -setting in the configuration file; an explicit +setting in the configuration file; an explicit command line option overrides any setting present in the configuration file.
-f file
-
+
Use file as the compiled configuration database, typically obtained +by running tipidee-config -o file. +The default is /etc/tipidee.conf.cdb.
+ +
-d docroot
+
Change the working directory to docroot before serving. Default +is serving from the current working directory. Note that documents need to +be located in subdirectories of docroot, one subdirectory +per virtual domain tipideed is serving.
+ +
-R
+
chroot. If the underlying operating system has the +chroot() +system call, use it before serving. This always happens after opening +the configuration database, after changing the working directory, +and before dropping privileges. The idea is that chrooting helps +with security, but the configuration database should be located outside of the +document space.
+ +
-U
+
Drop root privileges. If this option is given, tipideed expects two +additional environment variables, UID and GID, containing the uid and gid +it should run as; it will drop its privileges to $UID:$GID before serving. +This option is mainly useful when paired with -R, because chrooting +can only be performed as root, so root privileges need to be kept all the +way to tipideed then dropped after tipideed has chrooted. In a non-chrooted +setup, it is simpler and more secure to run the super-server with +the -U option instead: root privileges will be dropped as soon as +the super-server has bound to its socket, and all the subsequent operations, +including the spawning of tipideed processes, are performed as a normal user.

Detailed operation

-- cgit v1.2.3