1
# This config for stunnel will start up rsync for an incoming ssl connection.
3
#output = /var/log/stunnel-rsyncd.log
4
pid = /var/run/stunnel-rsyncd.pid
5
socket = l:TCP_NODELAY=1
6
socket = r:TCP_NODELAY=1
8
# This must be root for rsync to use chroot -- rsync will drop permissions:
14
# You can set the cert to a combo *.pem file and omit the key, if you like.
15
cert = /etc/rsync-ssl/certs/server.crt
16
key = /etc/rsync-ssl/certs/server.key
19
# To allow anyone to try an ssl connection, use this:
21
CAfile = /etc/ssl/ca-bundle.pem
23
# To allow only cert-authorized clients, use something like this instead of the above:
25
#CAfile = /etc/rsync-ssl/certs/allowed-clients.cert.pem
28
# You can either share the same config as a normal daemon, or specify a separate config:
29
execargs = rsync --server --daemon .
30
#execargs = rsync --server --daemon --config=/etc/rsync-ssl/rsyncd.conf .