commit 45d17ffa0afd0aaf98051c8a3e6876365fdb99cc Author: David Fifield <david@bamsoftware.com> Date: Tue Mar 6 19:18:39 2018 -0800 Regen man pages. --- doc/meek-server.1 | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/doc/meek-server.1 b/doc/meek-server.1 index 09d198c..2552dce 100644 --- a/doc/meek-server.1 +++ b/doc/meek-server.1 @@ -2,12 +2,12 @@ .\" Title: meek-server .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> -.\" Date: 04/22/2017 +.\" Date: 03/06/2018 .\" Manual: \ \& .\" Source: \ \& .\" Language: English .\" -.TH "MEEK\-SERVER" "1" "04/22/2017" "\ \&" "\ \&" +.TH "MEEK\-SERVER" "1" "03/06/2018" "\ \&" "\ \&" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -50,7 +50,7 @@ You will need to configure TLS certificates\&. There are two ways to set up cert (with optional \fB\-\-acme\-email\fR=\fIEMAIL\fR) will automatically get certificates for \fIHOSTNAME\fR -using Let\(cqs Encrypt\&. This only works when meek\-server is running on port 443\&. +using Let\(cqs Encrypt\&. When you use this option, meek\-server will need to be able to listen on port 80\&. .RE .sp .RS 4 @@ -95,7 +95,7 @@ ServerTransportPlugin meek exec \&./meek\-server 8443 \-\-cert cert\&.pem \-\-ke .RE .\} .sp -To listen on port 443 without needed to run as root, on Linux, you can use the setcap program, part of libcap2: +To listen on ports 80 and 443 without needed to run as root, on Linux, you can use the setcap program, part of libcap2: .sp .if n \{\ .RS 4 @@ -116,21 +116,22 @@ Optional email address to register for Let\(cqs Encrypt notifications when using .PP \fB\-\-acme\-hostnames\fR=\fIHOSTNAME\fR[,\fIHOSTNAME\fR]\&... .RS 4 -Comma\-separated list of hostnames to honor when getting automatic certificates from Let\(cqs Encrypt\&. meek\-server has to be running on port 443 in order for the -\fB\-\-acme\-hostnames\fR -option to work\&. The certificates will be cached in the pt_state/meek\-certificate\-cache directory inside tor state directory\&. +Comma\-separated list of hostnames to honor when getting automatic certificates from Let\(cqs Encrypt\&. meek\-server will open a special listener on port 80 in order to handle ACME messages; this listener is separate from the one specified by +ServerTransportListenAddr\&. The certificates will be cached in the pt_state/meek\-certificate\-cache directory inside tor state directory\&. .RE .PP \fB\-\-cert\fR=\fIFILENAME\fR .RS 4 Name of a PEM\-encoded TLS certificate file\&. Required unless +\fB\-\-acme\-hostnames\fR +or \fB\-\-disable\-tls\fR is used\&. .RE .sp \fB\-\-disable\-tls\fR: Use plain HTTP rather than HTTPS\&. This option is only for testing purposes\&. Don\(cqt use it in production\&. .sp -\fB\-\-key\fR=\fIFILENAME\fR: Name of a PEM\-encoded TLS private key file\&. Required unless \fB\-\-disable\-tls\fR is used\&. +\fB\-\-key\fR=\fIFILENAME\fR: Name of a PEM\-encoded TLS private key file\&. Required unless \fB\-\-acme\-hostnames\fR or \fB\-\-disable\-tls\fR is used\&. .PP \fB\-\-log\fR=\fIFILENAME\fR .RS 4 @@ -139,7 +140,9 @@ Name of a file to write log messages to (default stderr)\&. .PP \fB\-\-port\fR=\fIPORT\fR .RS 4 -Port to listen on\&. Overrides the TOR_PT_SERVER_BINDADDR environment variable set by tor\&. In most cases you should set the +Port to listen on\&. Overrides the +TOR_PT_SERVER_BINDADDR +environment variable set by tor\&. In most cases you should set the \fBServerTransportListenAddr\fR option in torrc, rather than use the \fB\-\-port\fR