cscg24-guacamole

CSCG 2024 Challenge 'Guacamole Mashup'
git clone https://git.sinitax.com/sinitax/cscg24-guacamole
Log | Files | Refs | sfeed.txt

guacd.conf.5.in (5298B)


      1.\"
      2.\" Licensed to the Apache Software Foundation (ASF) under one
      3.\" or more contributor license agreements.  See the NOTICE file
      4.\" distributed with this work for additional information
      5.\" regarding copyright ownership.  The ASF licenses this file
      6.\" to you under the Apache License, Version 2.0 (the
      7.\" "License"); you may not use this file except in compliance
      8.\" with the License.  You may obtain a copy of the License at
      9.\"
     10.\"   http://www.apache.org/licenses/LICENSE-2.0
     11.\"
     12.\" Unless required by applicable law or agreed to in writing,
     13.\" software distributed under the License is distributed on an
     14.\" "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
     15.\" KIND, either express or implied.  See the License for the
     16.\" specific language governing permissions and limitations
     17.\" under the License.
     18.\"
     19.TH guacd.conf 5 "1 Jun 2017" "version @PACKAGE_VERSION@" "Apache Guacamole"
     20.
     21.SH NAME
     22/etc/guacamole/guacd.conf \- Configuration file for guacd
     23.
     24.SH DESCRIPTION
     25.B /etc/guacamole/guacd.conf
     26is the configuration file for the Guacamole proxy daemon used by the Guacamole
     27web application and framework,
     28.B guacd.
     29Use of this file is entirely optional, and all of its options can be specified
     30from the command line when running
     31.B guacd.
     32If you provide both the
     33.B guacd.conf
     34file and command line options, the command line options will take precedence.
     35.
     36.SH SYNTAX
     37.B guacd.conf
     38is made up of sections, where each section contains a set of parameter/value
     39pairs. The parameters available are dictated by the section in use, and
     40parameters may only be specified within a section.
     41.P
     42The beginning of each section is denoted with a section name in brackets, and
     43each section ends implicitly with the beginning of a new section, or at the end
     44of the file.
     45.TP
     46\fB[server]\fR
     47Contains parameters which control how
     48.B guacd
     49behaves as a server, from a network perspective.
     50.TP
     51\fB[daemon]\fR
     52Parameters which configure how
     53.B guacd
     54behaves as a daemon, such as what file should contain the PID, if any.
     55.TP
     56\fB[ssl]\fR
     57Parameters which control the SSL support of
     58.B guacd,
     59such as the certificate and private key used for encryption of the Guacamole
     60protocol. This section and its parameters are only valid if
     61.B guacd
     62was built with SSL support.
     63.P
     64Parameters within sections are written as a parameter name, followed by an
     65equals sign, followed by the parameter value, all on one line. Comments may be
     66placed anywhere, and consist of arbitrary text following a
     67.B #
     68symbol until end-of-line:
     69.TP
     70\fIname\fR \fB=\fR \fIvalue\fR \fB#\fR \fISome arbitrary comment text\fR
     71.P
     72Beware that it is the combination of the section name with the parameter name
     73that makes up the fully qualified name of a parameter. Each parameter
     74absolutely
     75.I must
     76be placed only within its proper section, or
     77.B guacd.conf
     78will fail to be parsed, and
     79.B guacd
     80will not start.
     81.P
     82If special characters need to be placed within a parameter value, such as
     83whitespace, \fB#\fR, \fB"\fR, or \fB\\\fR, the entire value must be enclosed in
     84double quotes, and each occurrence of \fB"\fR or \fB\\\fR within the value must
     85be escaped with backslashes:
     86.TP
     87\fIname\fR \fB=\fR \fB"\fR\fIquoted # value \\\\ with \\" special characters\fR\fB"\fR
     88.
     89.SH SERVER PARAMETERS
     90.TP
     91\fBbind_host\fR \fB=\fR \fIHOSTNAME\fR
     92Requires
     93.B guacd
     94to bind to a specific host when listening for connections. By default,
     95.B guacd
     96will bind to localhost only.
     97.TP
     98\fBbind_port\fR \fB=\fR \fIPORT\fR
     99Requires
    100.B guacd
    101to bind to a specific port when listening for connections. By default,
    102.B guacd
    103will bind to port 4822.
    104.
    105.SH DAEMON PARAMETERS
    106.TP
    107\fBlog_level\fR \fB=\fR \fILEVEL\fR
    108Sets the maximum level at which
    109.B guacd
    110will log messages to syslog and, if running in the foreground, the console.
    111Legal values are
    112.B trace,
    113.B debug,
    114.B info,
    115.B warning,
    116and
    117.B error.
    118The default value is
    119.B info.
    120.TP
    121\fBpid_file\fR \fB=\fR \fIFILE\fR
    122Causes
    123.B guacd
    124to write its PID to the specified file upon startup. Note that
    125.B guacd
    126must have sufficient privileges to create or write this file, or it will fail
    127to start. This parameter is typically needed for startup scripts, such that the
    128script can report on the status of
    129.B guacd
    130and kill it if necessary.
    131.
    132.SH SSL PARAMETERS
    133If
    134.B guacd
    135was built with SSL support, then connections between the web application and
    136.B guacd
    137can be encrypted if an SSL certificate and key file are given.
    138.P
    139When using a chain of certificates, you must append the additional certificates
    140to your server certificate. This can be done easily with the standard
    141.B cat
    142command. Beware that the certificate for
    143.B guacd
    144.I must
    145be the first certificate in the file.
    146.TP
    147\fBserver_certificate\fR \fB=\fR \fICERTIFICATE FILE\fR
    148Enables SSL/TLS using the given cerficiate file. Future connections to
    149.B guacd
    150will require SSL/TLS enabled in the client (the web application).
    151.TP
    152\fBserver_key\fR \fB=\fR \fIKEY FILE\fR
    153Enables SSL/TLS using the given private key file. Future connections to
    154.B guacd
    155will require SSL/TLS enabled in the client (the web application).
    156.
    157.SH EXAMPLE
    158.nf
    159.RS
    160#
    161# guacd.conf example
    162#
    163
    164[daemon]
    165
    166pid_file = /var/run/guacd.pid
    167
    168[server]
    169
    170bind_host = localhost
    171bind_port = 4822
    172
    173[ssl]
    174
    175server_certificate = /etc/ssl/certs/guacd.crt
    176server_key = /etc/ssl/private/guacd.key
    177.RE
    178.fi