From 17a7c5d50f174e5f9425e3930799fc4432165cd0 Mon Sep 17 00:00:00 2001 From: Alec Muffett Date: Mon, 3 Apr 2017 11:40:13 +0100 Subject: [PATCH] commit: docs --- README.md | 8 ++--- docs.d/TEMPLATES.md | 87 ++++----------------------------------------- 2 files changed, 11 insertions(+), 84 deletions(-) diff --git a/README.md b/README.md index 590b81a..15c7c60 100644 --- a/README.md +++ b/README.md @@ -20,9 +20,9 @@ nb: bugs are still best reported through `Issues`, above. ## Changes -**NEW:** **IMPORTANT** - the `FORCE_HTTPS` feature has been added and -made *default*; if your site is 100% HTTPS then you do not need to do -anything, however sites which mandate or require insecure `HTTP` may +**NEW:** **IMPORTANT** - the `FORCE_HTTPS` feature has been added and +made *default*; if your site is 100% HTTPS then you do not need to do +anything, however sites which mandate or require insecure `HTTP` may have to use `set force_https 0` in configurations from now on. **NEW:** draft setup and operations "runbook" at: @@ -46,7 +46,7 @@ https://gist.github.com/alecmuffett/461d5762b48b4f19e3cd27a85dfbcf8d * have declared a stable alpha release * architecture images, at bottom of this page * all of CSP, HSTS and HPKP are suppressed by default; onion networking mitigates much of this -* ["tunables"](TUNEABLES.md) documentation for template content +* ["tunables"](TEMPLATES.md) documentation for template content * `troubleshooting` section near the bottom of this page * See [project activity](https://github.com/alecmuffett/eotk/graphs/commit-activity) for information diff --git a/docs.d/TEMPLATES.md b/docs.d/TEMPLATES.md index fd92ad2..1967389 100644 --- a/docs.d/TEMPLATES.md +++ b/docs.d/TEMPLATES.md @@ -288,91 +288,18 @@ globals at the top, and if you have projects which need different settings then use different config files and different runs of `eotk configure`. -# Variable Index +# Variables -Key: +## Template Variables -* defaulted per project = :boom: -* not settable / do not change = :no_entry: - -## Global Variables - -Defaults in (parentheses) - -### EOTK Configuration - -* PROJECTS_HOME (projects.d) -* PROJECT :boom: -* PROJECT_DIR (PROJECTS_HOME/projname.d) :boom: -* LOG_DIR (PROJECT_DIR/log.d) :boom: -* SSL_DIR (PROJECT_DIR/ssl.d) :boom: - -### Template Generation - -* TEMPLATE_TOOL (lib.d/expand-template.pl) -* NGINX_TEMPLATE (templates.d/nginx.conf.txt) -* TOR_TEMPLATE (templates.d/tor.conf.txt) - -### SSL Certificate Generation - -* SSL_TOOL (lib.d/make-selfsigned-wildcard-ssl-cert.sh) -* CERT_COMMON_NAME (not set, use to override CERT_PREFIX) -* CERT_PREFIX (first onion address cited in project) - -### EOTK Operation - -* IS_SOFTMAP :boom: :no_entry: -* SCRIPT_PAUSE (5 seconds) -* SCRIPT_NAMES :no_entry: -* DEBUG_TRAP -* EXTRA_PROCESSING_CSV - -### NGINX Configuration - -* BLOCK_HOST (none) -* BLOCK_HOST_RE (none) -* BLOCK_LOCATION (none) -* BLOCK_LOCATION_RE (none) -* NGINX_CACHE_SECONDS (0) -* NGINX_CACHE_SIZE (16m) -* NGINX_HELLO_ONION (on) -* NGINX_RESOLVER (8.8.8.8) -* NGINX_RESOLVER_FLAGS -* NGINX_RLIM (1024) -* NGINX_SYSLOG (error) -* NGINX_TIMEOUT (30 seconds) -* NGINX_WORKERS (auto) -* SOFTMAP_NGINX_WORKERS (auto) -* SUPPRESS_HEADER_CSP (on) -* SUPPRESS_HEADER_HPKP (on) -* SUPPRESS_HEADER_HSTS (on) -* SUPPRESS_METHODS_EXCEPT_GET (off) - -### Tor Configuration - -* TOR_DIR :boom: :no_entry: -* TOR_INTROS_PER_DAEMON (3) -* TOR_SINGLE_ONION (on) -* TOR_SYSLOG (notice) -* TOR_WORKER_PREFIX ("hs") -* SOFTMAP_TOR_WORKERS (2) - -## Begin/End Variables - -* DNS_DOMAIN -* DNS_DOMAIN_RE (backslashed dots) -* DNS_DOMAIN_RE2 (double-backslashed dots) -* DNS_DOMAIN_RERE (backslashed dots) -* DNS_DOMAIN_RERE2 (double-backslashed dots) -* ONION_ADDRESS -* ONION_ADDRESS_RE (backslashed dots) -* ONION_ADDRESS_RE2 (double-backslashed dots) -* ONION_ADDRESS_RERE (backslashed dots) -* ONION_ADDRESS_RERE2 (double-backslashed dots) -* KEYFILE :no_entry: (cited in config) +A list of template variables - and their default values - is provided +in [the example template configuration file](../demo.d/example.tconf) ## Fake Variables +These are used in Template Configuration (`.tconf`) files, and do not +represent real environment variables. + * NEW_ONION / NEW_HARD_ONION * NEW_SOFT_ONION