diff options
| author | kali kaneko (leap communications) <kali@leap.se> | 2020-02-25 18:08:53 +0100 |
|---|---|---|
| committer | kali kaneko (leap communications) <kali@leap.se> | 2020-02-25 18:08:53 +0100 |
| commit | da28c713c235e82ed940dcabc5d8e507dddfe425 (patch) | |
| tree | 9bd74af1b76ec15c259e4cd13a6a03624e9a71bc | |
| parent | a50ffe62c340f5384828a49a18eefc56c3227790 (diff) | |
[docs] formatting
| -rw-r--r-- | docs/sip-howto.md | 40 |
1 files changed, 26 insertions, 14 deletions
diff --git a/docs/sip-howto.md b/docs/sip-howto.md index 4022e2d..ae27c14 100644 --- a/docs/sip-howto.md +++ b/docs/sip-howto.md @@ -7,35 +7,47 @@ stunnel configuration SIP2 has no encryption built-in. To encrypt traffic, we install stunnel both on the server (the one with the koha instance) and the client (the vpnweb node): - sudo apt-get install stunnel4 +``` +sudo apt-get install stunnel4 +``` Set value to ENABLED in the config file: - /etc/default/stunnel4 +``` +/etc/default/stunnel4 +``` Configure the server, see `docs/examples/stunnel.conf-server-sample`: - [sip2] - accept = 6443 - connect = 6001 - cert = /etc/stunnel/ssl/sip2-cert.pem - key = /etc/stunnel/ssl/sip2-key.pem +``` +[sip2] +accept = 6443 +connect = 6001 +cert = /etc/stunnel/ssl/sip2-cert.pem +key = /etc/stunnel/ssl/sip2-key.pem +``` You will need to generate a certificate pair for this service. For a throwaway test deployment, you can look in the `test/simple-ca` folder. Now configure the client side (the box where the vpnweb instance is running). Create /etc/stunnel/sip.conf: - [sip2] - accept = localhost:6001 - connect = koha.example.org:6443 - client = yes +``` +[sip2] +accept = localhost:6001 +connect = koha.example.org:6443 +client = yes +``` Now you can start the service: - sudo /etc/init.d/stunnel4 start +``` +sudo /etc/init.d/stunnel4 start +``` And configure vpnweb to connect to the local port: - export VPNWEB_SIP_HOST=localhost - export VPNWEB_SIP_PORT=6001 +``` +export VPNWEB_SIP_HOST=localhost +export VPNWEB_SIP_PORT=6001 +``` |