Re: man httpd.conf option does not mention option blocks
On Tue, Mar 12, 2019 at 10:31:39AM +, Jason McIntyre wrote:
> On Tue, Mar 12, 2019 at 01:24:40AM -0500, Alfred Morgan wrote:
> >httpd uses the configuration processor that relayd uses so I was
> >curious to see how this block of sub options were explained in
> >relayd.conf(5) and interestingly enough this is not explained there
> >either but there are examples of the multiple option block being used.
> >One thing I learned from relayd.conf examples was that the sub options
> >can also be separated by a coma allowing multiple sub options to be
> >written on one line inside the brackets. I confirmed this works the
> >same in httpd.conf. This gives us these possibilities to write sub
> >options:
> >A)
> >connection max requests 10
> >connection timeout 600
> >B)
> >connection {
> >? ? max requests 10
> >? ? timeout 600
> >}
> >C)
> >connection { max requests 10, timeout 60 }
> >While reading the man page for relayd.conf I found this easy to read
> >and simple explanation that we may draw inspiration from -- although
> >this still does not explain the sub option block:
> >"""
> >It is possible to specify multiple listen directives with different IP
> >? ? ? protocols in a single redirection configuration:
> >? ? ? ? ? ? redirect "dns" {
> >? ? ? ? ? ? ? ? ? ? listen on [1]dns.example.com tcp port 53
> >? ? ? ? ? ? ? ? ? ? listen on [2]dns.example.com udp port 53
> >? ? ? ? ? ? ? ? ? ? forward to port 53 check tcp
> >? ? ? ? ? ? }
> >"""
> >I think we are struggling on how to be clear because option and
> >sub-option are named the same and the need to distinguish between other
> >"non-sub-options", if that makes any sense.
> >We could go the relayd.conf(5) method and don't mention anything about
> >sub-option blocks and just give examples such as A, B, and C above.
> >
>
> ok, i see patching one page is probably not enough. please let this
> rest just now till i can get help to figure it out and try and improve
> it.
>
> in the meantime i've asked separately about the addition of a tls
> example. will let you know.
>
> jmc
regarding the tls example... florian pointed out that we have good
examples already, in /etc/examples. i've added a pointer to them to the
doc, since we want to remind people to use these too.
jmc
Re: man httpd.conf option does not mention option blocks
Alfred Morgan(alf...@54.org) on 2019.03.12 01:24:40 -0500:
> httpd uses the configuration processor that relayd uses so I was curious to
> see how this block of sub options were explained in relayd.conf(5) and
Good idea.
But dont draw general conclusions from this please. The parsers are similar
because they were (in part) written by the same author. no wonder they share
syntactic feature.
Every time we write one of these parsers, its a mix of "how do we apply our
general syntax to this new domain?", "what do i re-use to make it easier for
people?", "how lazy am i?" and "%^$#@#$ yacc is crazy!!!".
/B.
> interestingly enough this is not explained there either but there are
> examples of the multiple option block being used. One thing I learned from
> relayd.conf examples was that the sub options can also be separated by a
> coma allowing multiple sub options to be written on one line inside the
> brackets. I confirmed this works the same in httpd.conf. This gives us
> these possibilities to write sub options:
> A)
> connection max requests 10
> connection timeout 600
>
> B)
> connection {
> max requests 10
> timeout 600
> }
>
> C)
> connection { max requests 10, timeout 60 }
>
> While reading the man page for relayd.conf I found this easy to read and
> simple explanation that we may draw inspiration from -- although this still
> does not explain the sub option block:
> """
> It is possible to specify multiple listen directives with different IP
> protocols in a single redirection configuration:
>redirect "dns" {
>listen on dns.example.com tcp port 53
>listen on dns.example.com udp port 53
>
>forward to port 53 check tcp
>}
> """
> I think we are struggling on how to be clear because option and sub-option
> are named the same and the need to distinguish between other
> "non-sub-options", if that makes any sense.
> We could go the relayd.conf(5) method and don't mention anything about
> sub-option blocks and just give examples such as A, B, and C above.
>
> On Mon, Mar 11, 2019 at 5:21 PM Evan Silberman wrote:
>
> > Jason McIntyre wrote:
> > > On Mon, Mar 11, 2019 at 12:29:41PM -0700, Evan Silberman wrote:
> > > > Jason McIntyre wrote:
> > > > >
> > > > > Index: httpd.conf.5
> > > > > ===
> > > > > RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v
> > > > > retrieving revision 1.103
> > > > > diff -u -r1.103 httpd.conf.5
> > > > > --- httpd.conf.5 19 Feb 2019 11:37:26 - 1.103
> > > > > +++ httpd.conf.5 11 Mar 2019 19:05:57 -
> > > > > @@ -155,7 +155,10 @@
> > > > > .Xr patterns 7 .
> > > > > .El
> > > > > .Pp
> > > > > -Followed by a block of options that is enclosed in curly brackets:
> > > > > +It is followed by a block of directives and values, enclosed in
> > curly brackets.
> > > > > +Directives which take multiple
> > > > > +.Ar option
> > > > > +values may also group these options in curly brackets.
> > > >
> > > > This is better than mine but I don't think the "also" has a referent
> > here. Maybe:
> > > > "Directives which take multiple option values may be repeated or may
> > group the
> > > > options in curly brackets." This excludes the possible interpretation
> > that e.g.
> > > > 'log access "acces_log" error "error_log"' is valid syntax.
> > > >
> > >
> > > "also" because we just said that directives and values are enclosed in
> > > curly brackets. so "also" meaning "in the same way as we just showed
> > > you".
> >
> > You're right, reading the context more carefully this makes perfect sense.
> > >
> > > "repeated" is confusing i think (like you would specify the same option
> > > value twice).
> >
> > Fair enough. I have no further quibbles.
> >
> > Evan Silberman
> >
> --
> -alfred
>
--
Re: man httpd.conf option does not mention option blocks
On Tue, Mar 12, 2019 at 01:24:40AM -0500, Alfred Morgan wrote:
>httpd uses the configuration processor that relayd uses so I was
>curious to see how this block of sub options were explained in
>relayd.conf(5) and interestingly enough this is not explained there
>either but there are examples of the multiple option block being used.
>One thing I learned from relayd.conf examples was that the sub options
>can also be separated by a coma allowing multiple sub options to be
>written on one line inside the brackets. I confirmed this works the
>same in httpd.conf. This gives us these possibilities to write sub
>options:
>A)
>connection max requests 10
>connection timeout 600
>B)
>connection {
>? ? max requests 10
>? ? timeout 600
>}
>C)
>connection { max requests 10, timeout 60 }
>While reading the man page for relayd.conf I found this easy to read
>and simple explanation that we may draw inspiration from -- although
>this still does not explain the sub option block:
>"""
>It is possible to specify multiple listen directives with different IP
>? ? ? protocols in a single redirection configuration:
>? ? ? ? ? ? redirect "dns" {
>? ? ? ? ? ? ? ? ? ? listen on [1]dns.example.com tcp port 53
>? ? ? ? ? ? ? ? ? ? listen on [2]dns.example.com udp port 53
>? ? ? ? ? ? ? ? ? ? forward to port 53 check tcp
>? ? ? ? ? ? }
>"""
>I think we are struggling on how to be clear because option and
>sub-option are named the same and the need to distinguish between other
>"non-sub-options", if that makes any sense.
>We could go the relayd.conf(5) method and don't mention anything about
>sub-option blocks and just give examples such as A, B, and C above.
>
ok, i see patching one page is probably not enough. please let this
rest just now till i can get help to figure it out and try and improve
it.
in the meantime i've asked separately about the addition of a tls
example. will let you know.
jmc
Re: man httpd.conf option does not mention option blocks
Something else that should be considered is to enter a new term "option_block" into the syntax specification, so instead of this: connection option directory option hsts [option] [no] log [option] request option tcp option tls option We now write the syntax as: connection option|option_block directory option|option_block hsts [option|option_block] [no] log [option|option_block] request option|option_block tcp option|option_block tls option|option_block This way we avoid ambiguously referencing any of the other parameters that don't go in to blocks. Now we can go ahead and describe an option_block: An option_block is one or more specified options separated by a coma or carriage return enclosed in curly brackets. We then show a couple of examples in the example section below and we call it a day. -- -alfred
Re: man httpd.conf option does not mention option blocks
httpd uses the configuration processor that relayd uses so I was curious to
see how this block of sub options were explained in relayd.conf(5) and
interestingly enough this is not explained there either but there are
examples of the multiple option block being used. One thing I learned from
relayd.conf examples was that the sub options can also be separated by a
coma allowing multiple sub options to be written on one line inside the
brackets. I confirmed this works the same in httpd.conf. This gives us
these possibilities to write sub options:
A)
connection max requests 10
connection timeout 600
B)
connection {
max requests 10
timeout 600
}
C)
connection { max requests 10, timeout 60 }
While reading the man page for relayd.conf I found this easy to read and
simple explanation that we may draw inspiration from -- although this still
does not explain the sub option block:
"""
It is possible to specify multiple listen directives with different IP
protocols in a single redirection configuration:
redirect "dns" {
listen on dns.example.com tcp port 53
listen on dns.example.com udp port 53
forward to port 53 check tcp
}
"""
I think we are struggling on how to be clear because option and sub-option
are named the same and the need to distinguish between other
"non-sub-options", if that makes any sense.
We could go the relayd.conf(5) method and don't mention anything about
sub-option blocks and just give examples such as A, B, and C above.
On Mon, Mar 11, 2019 at 5:21 PM Evan Silberman wrote:
> Jason McIntyre wrote:
> > On Mon, Mar 11, 2019 at 12:29:41PM -0700, Evan Silberman wrote:
> > > Jason McIntyre wrote:
> > > >
> > > > Index: httpd.conf.5
> > > > ===
> > > > RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v
> > > > retrieving revision 1.103
> > > > diff -u -r1.103 httpd.conf.5
> > > > --- httpd.conf.5 19 Feb 2019 11:37:26 - 1.103
> > > > +++ httpd.conf.5 11 Mar 2019 19:05:57 -
> > > > @@ -155,7 +155,10 @@
> > > > .Xr patterns 7 .
> > > > .El
> > > > .Pp
> > > > -Followed by a block of options that is enclosed in curly brackets:
> > > > +It is followed by a block of directives and values, enclosed in
> curly brackets.
> > > > +Directives which take multiple
> > > > +.Ar option
> > > > +values may also group these options in curly brackets.
> > >
> > > This is better than mine but I don't think the "also" has a referent
> here. Maybe:
> > > "Directives which take multiple option values may be repeated or may
> group the
> > > options in curly brackets." This excludes the possible interpretation
> that e.g.
> > > 'log access "acces_log" error "error_log"' is valid syntax.
> > >
> >
> > "also" because we just said that directives and values are enclosed in
> > curly brackets. so "also" meaning "in the same way as we just showed
> > you".
>
> You're right, reading the context more carefully this makes perfect sense.
> >
> > "repeated" is confusing i think (like you would specify the same option
> > value twice).
>
> Fair enough. I have no further quibbles.
>
> Evan Silberman
>
--
-alfred
Re: man httpd.conf option does not mention option blocks
On Mar 11, 2019 5:20 PM, Evan Silberman wrote: > > Jason McIntyre wrote: > > On Mon, Mar 11, 2019 at 12:29:41PM -0700, Evan Silberman wrote: > > > Jason McIntyre wrote: > > > > > > > > Index: httpd.conf.5 > > > > === > > > > RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v > > > > retrieving revision 1.103 > > > > diff -u -r1.103 httpd.conf.5 > > > > --- httpd.conf.5 19 Feb 2019 11:37:26 - 1.103 > > > > +++ httpd.conf.5 11 Mar 2019 19:05:57 - > > > > @@ -155,7 +155,10 @@ > > > > .Xr patterns 7 . > > > > .El > > > > .Pp > > > > -Followed by a block of options that is enclosed in curly brackets: > > > > +It is followed by a block of directives and values, enclosed in curly > > > > brackets. > > > > +Directives which take multiple > > > > +.Ar option > > > > +values may also group these options in curly brackets. > > > > > > This is better than mine but I don't think the "also" has a referent > > > here. Maybe: > > > "Directives which take multiple option values may be repeated or may > > > group the > > > options in curly brackets." This excludes the possible interpretation > > > that e.g. > > > 'log access "acces_log" error "error_log"' is valid syntax. > > > > > > > "also" because we just said that directives and values are enclosed in > > curly brackets. so "also" meaning "in the same way as we just showed > > you". > > You're right, reading the context more carefully this makes perfect sense. > > > > "repeated" is confusing i think (like you would specify the same option > > value twice). > > Fair enough. I have no further quibbles. > > Evan Silberman > Not that it matters much, but I like it better too. :)
Re: man httpd.conf option does not mention option blocks
Jason McIntyre wrote: > On Mon, Mar 11, 2019 at 12:29:41PM -0700, Evan Silberman wrote: > > Jason McIntyre wrote: > > > > > > Index: httpd.conf.5 > > > === > > > RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v > > > retrieving revision 1.103 > > > diff -u -r1.103 httpd.conf.5 > > > --- httpd.conf.5 19 Feb 2019 11:37:26 - 1.103 > > > +++ httpd.conf.5 11 Mar 2019 19:05:57 - > > > @@ -155,7 +155,10 @@ > > > .Xr patterns 7 . > > > .El > > > .Pp > > > -Followed by a block of options that is enclosed in curly brackets: > > > +It is followed by a block of directives and values, enclosed in curly > > > brackets. > > > +Directives which take multiple > > > +.Ar option > > > +values may also group these options in curly brackets. > > > > This is better than mine but I don't think the "also" has a referent here. > > Maybe: > > "Directives which take multiple option values may be repeated or may group > > the > > options in curly brackets." This excludes the possible interpretation that > > e.g. > > 'log access "acces_log" error "error_log"' is valid syntax. > > > > "also" because we just said that directives and values are enclosed in > curly brackets. so "also" meaning "in the same way as we just showed > you". You're right, reading the context more carefully this makes perfect sense. > > "repeated" is confusing i think (like you would specify the same option > value twice). Fair enough. I have no further quibbles. Evan Silberman
Re: man httpd.conf option does not mention option blocks
On Mon, Mar 11, 2019 at 12:29:41PM -0700, Evan Silberman wrote: > Jason McIntyre wrote: > > > > Index: httpd.conf.5 > > === > > RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v > > retrieving revision 1.103 > > diff -u -r1.103 httpd.conf.5 > > --- httpd.conf.519 Feb 2019 11:37:26 - 1.103 > > +++ httpd.conf.511 Mar 2019 19:05:57 - > > @@ -155,7 +155,10 @@ > > .Xr patterns 7 . > > .El > > .Pp > > -Followed by a block of options that is enclosed in curly brackets: > > +It is followed by a block of directives and values, enclosed in curly > > brackets. > > +Directives which take multiple > > +.Ar option > > +values may also group these options in curly brackets. > > This is better than mine but I don't think the "also" has a referent here. > Maybe: > "Directives which take multiple option values may be repeated or may group the > options in curly brackets." This excludes the possible interpretation that > e.g. > 'log access "acces_log" error "error_log"' is valid syntax. > "also" because we just said that directives and values are enclosed in curly brackets. so "also" meaning "in the same way as we just showed you". "repeated" is confusing i think (like you would specify the same option value twice). jmc
Re: man httpd.conf option does not mention option blocks
Jason McIntyre wrote: > > Index: httpd.conf.5 > === > RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v > retrieving revision 1.103 > diff -u -r1.103 httpd.conf.5 > --- httpd.conf.5 19 Feb 2019 11:37:26 - 1.103 > +++ httpd.conf.5 11 Mar 2019 19:05:57 - > @@ -155,7 +155,10 @@ > .Xr patterns 7 . > .El > .Pp > -Followed by a block of options that is enclosed in curly brackets: > +It is followed by a block of directives and values, enclosed in curly > brackets. > +Directives which take multiple > +.Ar option > +values may also group these options in curly brackets. This is better than mine but I don't think the "also" has a referent here. Maybe: "Directives which take multiple option values may be repeated or may group the options in curly brackets." This excludes the possible interpretation that e.g. 'log access "acces_log" error "error_log"' is valid syntax. Regards, Evan Silberman
Re: man httpd.conf option does not mention option blocks
On Mon, Mar 11, 2019 at 08:59:30AM -0700, Evan Silberman wrote:
>
>
> > On Mar 10, 2019, at 11:55 PM, Jason McIntyre wrote:
> >
> > +Directives which take multiple
> > +.Ar option
> > +values may themselves be grouped in curly brackets.
>
> I think this implies that the directives (which take multiple option values)
> may be grouped in curly brackets rather than implying the options and their
> values may be grouped in curly brackets as a parameter to the root directive.
> I would try something like:
>
you're right, it's ambiguous. but...
> For some options, the possible values are another set of options. In these
> cases, the main option can be repeated, setting a different suboption each
> time, or the main option may be followed by a block enclosed by curly braces,
> within which each suboption may be set without repeating the name of the main
> option.
>
> I???m not super happy with this paragraph, which gives up brevity for
> precision, but I do think it???s more precise.
>
i don;t really want to go down the road of talking about suboptions!
also the text is super long. i've tweaked my text below. if we can't get
it clear and concise, it might just be easier to give an example.
jmc
Index: httpd.conf.5
===
RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v
retrieving revision 1.103
diff -u -r1.103 httpd.conf.5
--- httpd.conf.519 Feb 2019 11:37:26 - 1.103
+++ httpd.conf.511 Mar 2019 19:05:57 -
@@ -155,7 +155,10 @@
.Xr patterns 7 .
.El
.Pp
-Followed by a block of options that is enclosed in curly brackets:
+It is followed by a block of directives and values, enclosed in curly brackets.
+Directives which take multiple
+.Ar option
+values may also group these options in curly brackets.
.Bl -tag -width Ds
.It Ic alias Ar name
Specify an additional alias
@@ -714,9 +717,14 @@
.Bd -literal -offset indent
server "www.example.com" {
alias "example.com"
- listen on * port 80
- listen on * tls port 443
+ listen on * port http
+ listen on * tls port https
root "/htdocs/www.example.com"
+
+ tls {
+ key "/etc/ssl/private/example.com.key
+ certificate "/etc/ssl/example.com.fullchain.pem"
+ }
}
server "www.a.example.com" {
Re: man httpd.conf option does not mention option blocks
> On Mar 10, 2019, at 11:55 PM, Jason McIntyre wrote: > > +Directives which take multiple > +.Ar option > +values may themselves be grouped in curly brackets. I think this implies that the directives (which take multiple option values) may be grouped in curly brackets rather than implying the options and their values may be grouped in curly brackets as a parameter to the root directive. I would try something like: For some options, the possible values are another set of options. In these cases, the main option can be repeated, setting a different suboption each time, or the main option may be followed by a block enclosed by curly braces, within which each suboption may be set without repeating the name of the main option. I’m not super happy with this paragraph, which gives up brevity for precision, but I do think it’s more precise. Regards, Evan Silberman
Re: man httpd.conf option does not mention option blocks
On Sun, Mar 10, 2019 at 07:03:36PM -0500, Alfred Morgan wrote:
>jmc wrote on? 2019-03-05 6:58:38:
>> > How does this sound?
>> > A specified option may be written inside curly brackets in order to
>specify
>> > a block of one or more specified options.
>>?
>> regarding your sentence - it's confusing. this is a tough one to
>write,
>> i think. from everything following that sentence to the end of that
>> section, can everything take this {} notation?
>Not everything. I found this difficult to explain because the manual
>uses the word "option" as an argument to an "option" as well as the
>main option. The manual does seem to distinguish the two terms by
>referring to the option argument as a "specified option"
>It would really help changing the sub-option name to something else,
>like, "parameter", or "sub-option" but this would require an overhaul
>that I was avoiding.
morning.
thanks for the feedback. i've tidied up your diff a bit. how does it
read?
i could do with feedback on two levels:
- does any developer want to ok alfred's proposed changes to the
examples? i can;t commit this without one.
- does anyone want to nitpick the text regarding multiple options?
thanks,
jmc
Index: httpd.conf.5
===
RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v
retrieving revision 1.103
diff -u -r1.103 httpd.conf.5
--- httpd.conf.519 Feb 2019 11:37:26 - 1.103
+++ httpd.conf.511 Mar 2019 06:54:47 -
@@ -155,7 +155,10 @@
.Xr patterns 7 .
.El
.Pp
-Followed by a block of options that is enclosed in curly brackets:
+It is followed by a block of directives and values, enclosed in curly brackets.
+Directives which take multiple
+.Ar option
+values may themselves be grouped in curly brackets.
.Bl -tag -width Ds
.It Ic alias Ar name
Specify an additional alias
@@ -714,9 +717,14 @@
.Bd -literal -offset indent
server "www.example.com" {
alias "example.com"
- listen on * port 80
- listen on * tls port 443
+ listen on * port http
+ listen on * tls port https
root "/htdocs/www.example.com"
+
+ tls {
+ key "/etc/ssl/private/example.com.key
+ certificate "/etc/ssl/example.com.fullchain.pem"
+ }
}
server "www.a.example.com" {
Re: man httpd.conf option does not mention option blocks
On Mon, Mar 04, 2019 at 03:46:25PM -0600, Alfred Morgan wrote:
> jmc wrote:
> > i think if you attached a diff to your mail, no matter how poorly
> > written, you would have a better chance of something happening.
>
> How does this sound?
> A specified option may be written inside curly brackets in order to specify
> a block of one or more specified options.
> (diff included below)
>
morning.
thanks for following this up with a diff!
regarding your sentence - it's confusing. this is a tough one to write,
i think. from everything following that sentence to the end of that
section, can everything take this {} notation?
alias { x y z }
that is valid? or it's just command words that take lists of options,
like
tls {
cert x
ciphers y
}
the sentence doesn;t make this clear. i can't offer an improvement
without understand where it's valid. can you supply more detail (not in
a diff, just describe it).
> > where can {} be used? just here or other places? is there a general rule?
>
> Yes, I tested several specified options and this appears to be a general
> rule. One thing I noticed, which made me include "one or more" in my
> documentation, is an optional specified option will not accept an empty
> curly brackets `{ }` such as the option `hsts [option]` won't allow to be
> written as `hsts { }`.
>
so it applies just to commands which have an argument "option"?
> > what https examples would improve the page?
>
> I believe a tls option with a multiple specified options block containing
> paths to acme-client default key and cert paths example would be great. And
> how about using named ports even.
>
fair enough. i'll try and get some feedback on this/
jmc
> Index: httpd.conf.5
> ===
> RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v
> retrieving revision 1.103
> diff -u -p -r1.103 httpd.conf.5
> --- httpd.conf.519 Feb 2019 11:37:26 - 1.103
> +++ httpd.conf.54 Mar 2019 21:33:27 -
> @@ -155,7 +155,9 @@ see
> .Xr patterns 7 .
> .El
> .Pp
> -Followed by a block of options that is enclosed in curly brackets:
> +Followed by a block of options that is enclosed in curly brackets.
> +A specified option may be written inside curly brackets in order to specify
> +a block of one or more specified options:
> .Bl -tag -width Ds
> .It Ic alias Ar name
> Specify an additional alias
> @@ -714,9 +716,13 @@ the server will be matched based on the
> .Bd -literal -offset indent
> server "www.example.com" {
> alias "example.com"
> - listen on * port 80
> - listen on * tls port 443
> + listen on * port http
> + listen on * tls port https
> root "/htdocs/www.example.com"
> +tls {
> +key "/etc/ssl/private/example.com.key"
> +certificate "/etc/ssl/example.com.fullchain.pem"
> +}
> }
>
> server "www.a.example.com" {
>
> --
> -alfred
Re: man httpd.conf option does not mention option blocks
jmc wrote:
> i think if you attached a diff to your mail, no matter how poorly
> written, you would have a better chance of something happening.
How does this sound?
A specified option may be written inside curly brackets in order to specify
a block of one or more specified options.
(diff included below)
> where can {} be used? just here or other places? is there a general rule?
Yes, I tested several specified options and this appears to be a general
rule. One thing I noticed, which made me include "one or more" in my
documentation, is an optional specified option will not accept an empty
curly brackets `{ }` such as the option `hsts [option]` won't allow to be
written as `hsts { }`.
> what https examples would improve the page?
I believe a tls option with a multiple specified options block containing
paths to acme-client default key and cert paths example would be great. And
how about using named ports even.
Index: httpd.conf.5
===
RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v
retrieving revision 1.103
diff -u -p -r1.103 httpd.conf.5
--- httpd.conf.519 Feb 2019 11:37:26 - 1.103
+++ httpd.conf.54 Mar 2019 21:33:27 -
@@ -155,7 +155,9 @@ see
.Xr patterns 7 .
.El
.Pp
-Followed by a block of options that is enclosed in curly brackets:
+Followed by a block of options that is enclosed in curly brackets.
+A specified option may be written inside curly brackets in order to specify
+a block of one or more specified options:
.Bl -tag -width Ds
.It Ic alias Ar name
Specify an additional alias
@@ -714,9 +716,13 @@ the server will be matched based on the
.Bd -literal -offset indent
server "www.example.com" {
alias "example.com"
- listen on * port 80
- listen on * tls port 443
+ listen on * port http
+ listen on * tls port https
root "/htdocs/www.example.com"
+tls {
+key "/etc/ssl/private/example.com.key"
+certificate "/etc/ssl/example.com.fullchain.pem"
+}
}
server "www.a.example.com" {
--
-alfred
Re: man httpd.conf option does not mention option blocks
On Sun, Mar 03, 2019 at 01:05:54PM -0600, Alfred Morgan wrote:
> There are two formats you can write options in and the man page does not
> mention format 2.
>
> format 1:
> tls key "/etc/ssl/private/server.key"
> tls certificate "/etc/ssl/server.crt"
>
> format 2:
> tls {
> key "/etc/ssl/private/server.key"
> certificate "/etc/ssl/server.crt"
> }
>
> Besides this, https is pretty much a requirement now and the only tls
> example mentioned in the man page is a single line using an implicit
> default key and a default certificate:
> listen on * tls port 443
>
> --
> -alfred
hi.
i think if you attached a diff to your mail, no matter how poorly
written, you would have a better chance of something happening.
where can {} be used? just here or other places? is there a general
rule? what https examples would improve the page?
jmc
man httpd.conf option does not mention option blocks
There are two formats you can write options in and the man page does not
mention format 2.
format 1:
tls key "/etc/ssl/private/server.key"
tls certificate "/etc/ssl/server.crt"
format 2:
tls {
key "/etc/ssl/private/server.key"
certificate "/etc/ssl/server.crt"
}
Besides this, https is pretty much a requirement now and the only tls
example mentioned in the man page is a single line using an implicit
default key and a default certificate:
listen on * tls port 443
--
-alfred
