taler-docs

Documentation for GNU Taler components, APIs and protocols
Log | Files | Refs | README | LICENSE

taler-merchant-rproxy-setup.1.rst (2745B)

      1 taler-merchant-rproxy-setup(1)
      2 ##############################
      3 
      4 .. only:: html
      5 
      6    Name
      7    ====
      8 
      9    **taler-merchant-rproxy-setup** - configure reverse proxy for the Taler merchant
     10 
     11 Synopsis
     12 ========
     13 
     14 **taler-merchant-rproxy-setup**
     15 [**--domain**=*NAME*]
     16 [**--nginx** | **--apache**]
     17 [**--httponly** | **--httpsonly**]
     18 [**-h** | **--help**]
     19 
     20 
     21 Description
     22 ===========
     23 
     24 **taler-merchant-rproxy-setup** is a command-line tool that configures
     25 a reverse proxy for the Taler merchant under either Nginx or Apache
     26 HTTP server.  It may optionally enable HTTPS via **certbot** unless
     27 **--httponly** is requested.
     28 
     29 If neither **--nginx** nor **--apache** is specified, the script checks
     30 whether exactly one of them is installed and proceeds accordingly, or
     31 exits with an error if neither or both are installed.
     32 
     33 The script updates the default reverse-proxy configuration file
     34 (``/etc/nginx/sites-available/taler-merchant`` for Nginx,
     35 ``/etc/apache2/sites-available/taler-merchant.conf`` for Apache) and
     36 backs up any existing version to a ``.legacy`` suffix.  If HTTPS is
     37 enabled (the default unless **--httponly** is given), *certbot* is run
     38 to obtain TLS certificates for the configured domain name, and
     39 the configuration is adjusted accordingly.  If **--httpsonly** is
     40 requested, HTTP requests will be redirected to HTTPS (port 443).
     41 Finally, the script activates the new site configuration and reloads
     42 the respective web server.
     43 
     44 To ensure successful configuration, both the web server (Nginx or
     45 Apache) and **certbot** (unless **--httponly**) must be installed.
     46 In the case of Apache, some modules (``proxy``, ``proxy_http``,
     47 ``headers``) must be enabled.  The script will check for these
     48 prerequisites and exit with an error if any are missing.
     49 
     50 
     51 Options
     52 =======
     53 
     54 **--domain=**\ *NAME*
     55    Required. The fully qualified domain name (FQDN) for which the
     56    reverse proxy is being set up.
     57 
     58 **--nginx**
     59    Force using Nginx as the reverse proxy.  If not specified, the script
     60    auto-detects whether Nginx or Apache is installed, provided exactly
     61    one is installed.
     62 
     63 **--apache**
     64    Force using Apache as the reverse proxy.  If not specified, the script
     65    auto-detects whether Nginx or Apache is installed, provided exactly
     66    one is installed.
     67 
     68 **--httponly**
     69    Only configure HTTP (no TLS).  Skips certbot and omits all
     70    TLS-related configuration.  Incompatible with **--httpsonly**.
     71 
     72 **--httpsonly**
     73    Configure HTTPS and automatically redirect HTTP traffic to the HTTPS
     74    port. Incompatible with **--httponly**.
     75 
     76 **-h** \| **--help**
     77    Print short help on options.
     78 
     79 
     80 See Also
     81 ========
     82 
     83 taler-merchant-httpd(1), taler-merchant.conf(5)
     84 
     85 
     86 Bugs
     87 ====
     88 
     89 Report bugs by using https://bugs.taler.net/ or by sending
     90 electronic mail to <taler@gnu.org>.