diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 16:14:31 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 16:14:31 +0000 |
| commit | 2d5707c7479eacb3b1ad98e01b53f56a88f8fb78 (patch) | |
| tree | d9c334e83692851c02e3e1b8e65570c97bc82481 /stunnel-rsyncd.conf.in | |
| parent | Initial commit. (diff) | |
| download | rsync-2d5707c7479eacb3b1ad98e01b53f56a88f8fb78.tar.xz rsync-2d5707c7479eacb3b1ad98e01b53f56a88f8fb78.zip | |
Adding upstream version 3.2.7.upstream/3.2.7
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'stunnel-rsyncd.conf.in')
| -rw-r--r-- | stunnel-rsyncd.conf.in | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/stunnel-rsyncd.conf.in b/stunnel-rsyncd.conf.in new file mode 100644 index 0000000..b3fd240 --- /dev/null +++ b/stunnel-rsyncd.conf.in @@ -0,0 +1,30 @@ +# This config for stunnel will start up rsync for an incoming ssl connection. +foreground = no +#output = /var/log/stunnel-rsyncd.log +pid = /var/run/stunnel-rsyncd.pid +socket = l:TCP_NODELAY=1 +socket = r:TCP_NODELAY=1 +#compression = rle +# This must be root for rsync to use chroot -- rsync will drop permissions: +setuid = root +setgid = root + +[rsync] +accept = 874 +# You can set the cert to a combo *.pem file and omit the key, if you like. +cert = /etc/rsync-ssl/certs/server.crt +key = /etc/rsync-ssl/certs/server.key +client = no + +# To allow anyone to try an ssl connection, use this: +verify = 0 +CAfile = /etc/ssl/certs/ca-certificates.crt + +# To allow only cert-authorized clients, use something like this instead of the above: +#verify = 3 +#CAfile = /etc/rsync-ssl/certs/allowed-clients.cert.pem + +exec = @bindir@/rsync +# You can either share the same config as a normal daemon, or specify a separate config: +execargs = rsync --server --daemon . +#execargs = rsync --server --daemon --config=/etc/rsync-ssl/rsyncd.conf . |