shithub: rc-gemd

ref: bf0e251a82566f044f228771981a301797e807af
parent: 89c9f20250438c4768fc3186d9d83b45d2997c03
author: Moody <[email protected]>
date: Wed Aug 19 19:50:19 EDT 2020

Remove tlsshim and add proper directions for adding tls key to hostowner's factotum

--- a/README
+++ b/README
@@ -10,14 +10,13 @@
 
 or one can change the rc_gemd_dir setting in the script.
 
-The serve can be started with a combination of listen(8) and tlssrv(8),
-however the requirments of tlssrv to have the tls key be in factotum can be
-a bit tricky to deal when running as 'none'. To fix this there is an example
-start script, tlsshim, which starts factotum and populates it with the private
-key on each listen1 connection.
+The service can be started with a combination of listen(8) and tlssrv(8),
+tlssrv requires that the tls key be in the hostowners factotum,
+this can be done by doing:
+cat /lib/ssl/gem.key >> /mnt/factotum/ctl
 
-Using the tlsshim and assuming the tls files are /lib/ssl^(gem.key gem.cert):
-aux/listen1 tcp!*!1965 /rc/bin/rc-gemd/tlsshim
+Then to start the server you can do:
+aux/listen1 tcp!*!1965 tlssrv -c /lib/ssl/gem.cert /rc/bin/rc-gemd/rc-gemd
 
 The tls files can be generated by running the following commands:
 mkdir -p /lib/ssl
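Review bot: The added line `cat /lib/ssl/gem.key >> /mnt/factotum/ctl` does not say which user runs it or when, while the removed paragraph was explicit that the difficulty was tlssrv running as 'none'. State that the command is run as the hostowner before listen1 is started, and whether it has to be repeated after a reboot, so a reader does not end up with a listener whose tlssrv cannot find the key. The new sentence is also a run-on and "hostowners" is missing its apostrophe; suggest "tlssrv requires the tls key to be in the hostowner's factotum. To load it:". Since every reader is now pointed at the private key file, a line on keeping /lib/ssl/gem.key readable only by the hostowner would fit here.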
--- a/tlsshim
+++ /dev/null
@@ -1,4 +1,0 @@
-#!/bin/rc
-auth/factotum -n
-cat /lib/ssl/gemini.key > /mnt/factotum/ctl
-exec tlssrv -c /lib/ssl/gemini.cert /rc/bin/rc-gemd/rc-gemd
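Review bot: The deleted script read /lib/ssl/gemini.key and /lib/ssl/gemini.cert, whereas the README uses /lib/ssl/gem.key and /lib/ssl/gem.cert, so anyone who named their files after the shim has to rename them or adjust the new listen1 line; this deserves a sentence in the README or the commit message. Also check that nothing else in the tree still refers to /rc/bin/rc-gemd/tlsshim, because an existing `aux/listen1 tcp!*!1965 /rc/bin/rc-gemd/tlsshim` invocation will fail once the file is gone.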