diff options
author | Eric Wong <normalperson@yhbt.net> | 2013-04-05 21:38:17 +0000 |
---|---|---|
committer | Eric Wong <normalperson@yhbt.net> | 2013-04-05 21:48:56 +0000 |
commit | 9f846a26d24d7bfaf17cacad16cfbae7eec39c74 (patch) | |
tree | c52bb107c5938eec3954c74e7743b9d2e635b39c /lib/unicorn/configurator.rb | |
parent | 04bcc147d0081433069235a87f779055fa7b6f3c (diff) | |
download | unicorn-9f846a26d24d7bfaf17cacad16cfbae7eec39c74.tar.gz |
The PrivateTmp feature of systemd breaks the usage of /tmp for the shared Unix domain socket between nginx and unicorn, so discourage the use of /tmp in that case. While we're at it, use consistent paths for everything and use an obviously intended-for-user-customization "/path/to" prefix instead of "/tmp" ML-Ref: CAKLVLx_t+9zWMhquMWDfStrxS7xrNoGmN0ZDsjSCUE=VxU+oyQ@mail.gmail.com Reported-by: David Wilkins <dwilkins@conecuh.com>
Diffstat (limited to 'lib/unicorn/configurator.rb')
-rw-r--r-- | lib/unicorn/configurator.rb | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/lib/unicorn/configurator.rb b/lib/unicorn/configurator.rb index 7651093..0d0eac7 100644 --- a/lib/unicorn/configurator.rb +++ b/lib/unicorn/configurator.rb @@ -188,7 +188,7 @@ class Unicorn::Configurator # # on nginx upstream configuration: # upstream unicorn_backend { # # for UNIX domain socket setups: - # server unix:/path/to/unicorn.sock fail_timeout=0; + # server unix:/path/to/.unicorn.sock fail_timeout=0; # # # for TCP setups # server 192.168.0.7:8080 fail_timeout=0; @@ -229,9 +229,15 @@ class Unicorn::Configurator # # listen 3000 # listen to port 3000 on all TCP interfaces # listen "127.0.0.1:3000" # listen to port 3000 on the loopback interface - # listen "/tmp/.unicorn.sock" # listen on the given Unix domain socket + # listen "/path/to/.unicorn.sock" # listen on the given Unix domain socket # listen "[::1]:3000" # listen to port 3000 on the IPv6 loopback interface # + # When using Unix domain sockets, be sure: + # 1) the path matches the one used by nginx + # 2) uses the same filesystem namespace as the nginx process + # For systemd users using PrivateTmp=true (for either nginx or unicorn), + # this means Unix domain sockets must not be placed in /tmp + # # The following options may be specified (but are generally not needed): # # [:backlog => number of clients] |