From da28c713c235e82ed940dcabc5d8e507dddfe425 Mon Sep 17 00:00:00 2001 From: "kali kaneko (leap communications)" Date: Tue, 25 Feb 2020 18:08:53 +0100 Subject: [docs] formatting --- docs/sip-howto.md | 40 ++++++++++++++++++++++++++-------------- 1 file changed, 26 insertions(+), 14 deletions(-) diff --git a/docs/sip-howto.md b/docs/sip-howto.md index 4022e2d..ae27c14 100644 --- a/docs/sip-howto.md +++ b/docs/sip-howto.md @@ -7,35 +7,47 @@ stunnel configuration SIP2 has no encryption built-in. To encrypt traffic, we install stunnel both on the server (the one with the koha instance) and the client (the vpnweb node): - sudo apt-get install stunnel4 +``` +sudo apt-get install stunnel4 +``` Set value to ENABLED in the config file: - /etc/default/stunnel4 +``` +/etc/default/stunnel4 +``` Configure the server, see `docs/examples/stunnel.conf-server-sample`: - [sip2] - accept = 6443 - connect = 6001 - cert = /etc/stunnel/ssl/sip2-cert.pem - key = /etc/stunnel/ssl/sip2-key.pem +``` +[sip2] +accept = 6443 +connect = 6001 +cert = /etc/stunnel/ssl/sip2-cert.pem +key = /etc/stunnel/ssl/sip2-key.pem +``` You will need to generate a certificate pair for this service. For a throwaway test deployment, you can look in the `test/simple-ca` folder. Now configure the client side (the box where the vpnweb instance is running). Create /etc/stunnel/sip.conf: - [sip2] - accept = localhost:6001 - connect = koha.example.org:6443 - client = yes +``` +[sip2] +accept = localhost:6001 +connect = koha.example.org:6443 +client = yes +``` Now you can start the service: - sudo /etc/init.d/stunnel4 start +``` +sudo /etc/init.d/stunnel4 start +``` And configure vpnweb to connect to the local port: - export VPNWEB_SIP_HOST=localhost - export VPNWEB_SIP_PORT=6001 +``` +export VPNWEB_SIP_HOST=localhost +export VPNWEB_SIP_PORT=6001 +``` -- cgit v1.2.3