| # conf.d file for shellinaboxd |
| # Copyright 1999-2015 Gentoo Foundation |
| # Distributed under the terms of the GNU General Public License v2 |
| # $Id$ |
| |
| # Options available (copied from the man page): |
| # |
| # Sometimes, it is not necessary to replace the entire style sheet using the |
| # --static-file option. But instead a small incremental change should be made to |
| # the visual appearance of the terminal. The --css option provides a means to |
| # append additional style rules to the end of the default styles.css sheet. More |
| # than one --css option can be given on the same command line. |
| # |
| # You shouldn't need to change this value |
| # unless you want to load your own style sheets. |
| SIAB_CSS_DIR="/usr/share/shellinabox-resources" |
| |
| # If built with SSL/TLS support enabled, the daemon will look in SIAB_CERT_DIR for any |
| # certificates. If unspecified, this defaults to the current working directory. |
| # |
| # If the browser negotiated a Server Name Identification the daemon will look for |
| # a matching certificate-SERVERNAME.pem file. This allows for virtual hosting |
| # of multiple server names on the same IP address and port. |
| # |
| # If no SNI handshake took place, it falls back on using the certificate in the |
| # certificate.pem file. |
| # |
| # The administrator should make sure that there are matching certificates for |
| # each of the virtual hosts on this server, and that there is a generic certifiā |
| # cate.pem file. |
| # |
| # If no suitable certificate is installed, shellinaboxd will attempt to invoke |
| # /usr/bin/openssl and create a new self-signed certificate. This only |
| # succeeds if, after dropping privileges, shellinaboxd has write |
| # permissions for SIAB_CERT_DIR. |
| # |
| # Most browsers show a warning message when encountering a self-signed |
| # certificate and then allow the user the option of accepting the certificate. |
| # Due to this usability problem, and due to the perceived security |
| # implications, the use of auto-generated self-signed certificates is intended |
| # for testing or in intranet deployments, only. |
| # |
| SIAB_CERT_DIR="/etc/shellinabox/cert" |
| |
| # By default, shellinaboxd redirectes all incoming HTTP requests to their |
| # equivalent HTTPS URLs. If promoting of connections to encrypted SSL/TLS |
| # sessions is undesired, this behavior can be disabled. |
| # |
| # This option is also useful during testing or for deployment in trusted |
| # intranets, if SSL certificates are unavailable. |
| # |
| # SIAB_DISABLE_SSL and SIAB_CERT_DIR are mutually exclusive options. |
| # |
| # Add this option to SIAB_OPTS if you don't want SSL support. |
| SIAB_DISABLE_SSL="--disable-ssl" |
| |
| # Default port to listen on. |
| SIAB_HTTP_PORT="4200" |
| |
| # Run shellinabox as this user. |
| SIAB_USER="shellinaboxd" |
| |
| # Run shellinabox as this group. |
| SIAB_GROUP="shellinaboxd" |
| |
| # Default service to launch |
| SIAB_SERVICE="/:LOGIN" |
| |
| # Do not add both SIAB_CSS_DIR or SIAB_CERT_DIR to SIAB_OPTS. |
| |
| # Default setup turns off SSL. |
| SIAB_OPTS="${SIAB_DISABLE_SSL} --port=${SIAB_HTTP_PORT} --user=${SIAB_USER} --group=${SIAB_GROUP} --service=${SIAB_SERVICE}" |
| |
| # Uncomment this line to activate SSL. |
| # SIAB_OPTS="--cert=${SIAB_CERT_DIR} --port=${SIAB_HTTP_PORT} --user=${SIAB_USER} --group=${SIAB_GROUP} --service=${SIAB_SERVICE}" |
