|
|
| @@ -0,0 +1,837 @@
+#!/bin/sh
+
+### BEGIN INIT INFO
+# Provides: stud
+# Required-Start: $local_fs $remote_fs
+# Required-Stop: $local_fs $remote_fs
+# Should-Start: $syslog
+# Should-Stop: $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Start or stop stud (SSL offloader)
+### END INIT INFO
+
+#######################################################
+# GLOBALS #
+#######################################################
+
+# instance configuration directory
+CONFIG_DIR="/etc/stud"
+
+# Runtime directory data
+RUNTIME_DIR="/var/run/stud"
+
+#######################################################
+
+#######################################################
+
+stud_single_instance_config_reset() {
+#######################################################
+# stud instance configuration #
+#######################################################
+
+# stud listening address
+FRONTEND_ADDRESS="*,8443"
+
+# upstream service address
+BACKEND_ADDRESS="127.0.0.1,80"
+
+# x509 certificate file
+CERT_FILE=""
+
+# TLS only service? Don't set this to 1 if you're
+# offloading HTTPS.
+TLS_ONLY="0"
+
+# cipher suite (run openssl ciphers for full list)
+CIPHER_SUITE="HIGH"
+
+# OpenSSL engine
+ENGINE=""
+
+# Number of worker processes
+WORKERS="1"
+
+# Listen backlog
+BACKLOG=""
+
+# Chroot directory
+CHROOT_DIR=""
+
+# drop privileges and run as specified
+# user if set
+SETUID_USER=""
+
+# use shared cache with specified number of sessions
+# WARNING: stud must be compiled with USE_SHARED_CACHE=1
+SHARED_CACHE_SESSIONS="0"
+
+# Accept cache updates on specified address
+#
+# syntax: HOST,PORT
+#
+# WARNING: stud must be compiled with USE_SHARED_CACHE=1
+# SHARED_CACHE_SESSIONS must be >= 1
+CACHE_UPDATE_ACCEPT=""
+
+# Send cache updates to specified list space separated peers
+#
+# syntax: HOST1,PORT HOST2,PORT
+#
+# WARNING: stud must be compiled with USE_SHARED_CACHE=1
+# and CACHE_UPDATE_ACCEPT must be defined
+CACHE_UPDATE_SEND=""
+
+# Force network interface and ttl to receive and send multicast
+# cache updates
+#
+# syntax: IFACE[,TTL]
+#
+# WARNING: stud must be compiled with USE_SHARED_CACHE=1
+# and CACHE_UPDATE_ACCEPT must be defined
+CACHE_UPDATE_IFACE=""
+
+# default tcp keepalive on client socket in seconds
+CLIENT_TCP_KEEPALIVE_SEC=""
+
+# log to syslog?
+SYSLOG="1"
+
+# Enable write-ip?
+WRITE_IP="0"
+
+# Enable SENDPROXY protocol; see
+# http://haproxy.1wt.eu/download/1.5/doc/proxy-protocol.txt
+# for additional info
+WRITE_PROXY="0"
+
+# Alternative OpenSSL library dir
+# Use this if you'd like to run stud with different
+# version of OpenSSL library
+OPENSSL_LIB_DIR=""
+
+# Semicolon separated list of process affinities; requires
+# taskset(8) utility.
+#
+# SYNTAX:
+# "<process_number>:<affinity>;<process_number2>:<affinity2>;..."
+#
+# <process_number>: stud worker process number, starting with 1
+# <affinity>: process affinity, see taskset(8) for details
+#
+# EXAMPLES:
+#
+# "1:0" => bind first process to CPU0
+#
+# "1:0;2:3-4;3:5;4:7" => bind first worker process to CPU0,
+# second worker process to CPU3 and CPU4,
+# third worker process to CPU5 and fourth
+# worker process to CPU7
+PROCESS_AFFINITY=""
+
+# Process priority (integer between -19 to 19)
+# lower value means higher priority
+#
+PROCESS_PRIORITY=""
+
+# ulimit -n value before starting single stud instance
+#
+# Comment out or set to 0 to disable ulimit -n
+# setup.
+#
+ULIMIT_N=""
+
+# Additional stud command line options
+#
+# NOTE: set this only if you really know what your're
+# doing
+#
+# ADDITIONAL_STUD_OPT=""
+
+# EOF
+}
+
+PATH="${PATH}:."
+INSTANCE_NAME=""
+STUD=`which stud 2>/dev/null`
+
+die() {
+ msg_log "FATAL: $@"
+ echo "FATAL: $@" 1>&2
+ exit 1
+}
+
+msg_log() {
+ ident="stud"
+ test ! -z "${INSTANCE_NAME}" && ident="${ident}/${INSTANCE_NAME}"
+ logger -i -t "${ident}" "$@" >/dev/null 2>&1
+}
+
+msg_err() {
+ msg_log "ERROR: $@"
+}
+
+
+_real_single_instance_start() {
+ # check stud binary
+ if [ -z "${STUD}" ] || [ ! -f "${STUD}" ] || [ ! -x "${STUD}" ]; then
+ die "Invalid stud binary: '${STUD}'"
+ fi
+
+ # generate stud command line options
+ opts="-f ${FRONTEND_ADDRESS}"
+ opts="${opts} -b ${BACKEND_ADDRESS}"
+
+ if [ "${TLS_ONLY}" = "1" ]; then
+ opts="${opts} --tls"
+ else
+ opts="${opts} --ssl"
+ fi
+
+ test ! -z "${CIPHER_SUITE}" && opts="${opts} -c ${CIPHER_SUITE}"
+ test ! -z "${ENGINE}" && opts="${opts} -e ${ENGINE}"
+
+ if [ ! -z "${WORKERS}" ] && [ ${WORKERS} -gt 0 ]; then
+ opts="${opts} -n ${WORKERS}"
+ fi
+
+ if [ ! -z "${BACKLOG}" ] && [ ${BACKLOG} -gt 0 ]; then
+ opts="${opts} -B ${BACKLOG}"
|
