From 9f846a26d24d7bfaf17cacad16cfbae7eec39c74 Mon Sep 17 00:00:00 2001 From: Eric Wong Date: Fri, 5 Apr 2013 21:38:17 +0000 Subject: doc: update documentation for systemd + PrivateTmp users The PrivateTmp feature of systemd breaks the usage of /tmp for the shared Unix domain socket between nginx and unicorn, so discourage the use of /tmp in that case. While we're at it, use consistent paths for everything and use an obviously intended-for-user-customization "/path/to" prefix instead of "/tmp" ML-Ref: CAKLVLx_t+9zWMhquMWDfStrxS7xrNoGmN0ZDsjSCUE=VxU+oyQ@mail.gmail.com Reported-by: David Wilkins --- lib/unicorn/configurator.rb | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/unicorn/configurator.rb b/lib/unicorn/configurator.rb index 7651093..0d0eac7 100644 --- a/lib/unicorn/configurator.rb +++ b/lib/unicorn/configurator.rb @@ -188,7 +188,7 @@ class Unicorn::Configurator # # on nginx upstream configuration: # upstream unicorn_backend { # # for UNIX domain socket setups: - # server unix:/path/to/unicorn.sock fail_timeout=0; + # server unix:/path/to/.unicorn.sock fail_timeout=0; # # # for TCP setups # server 192.168.0.7:8080 fail_timeout=0; @@ -229,9 +229,15 @@ class Unicorn::Configurator # # listen 3000 # listen to port 3000 on all TCP interfaces # listen "127.0.0.1:3000" # listen to port 3000 on the loopback interface - # listen "/tmp/.unicorn.sock" # listen on the given Unix domain socket + # listen "/path/to/.unicorn.sock" # listen on the given Unix domain socket # listen "[::1]:3000" # listen to port 3000 on the IPv6 loopback interface # + # When using Unix domain sockets, be sure: + # 1) the path matches the one used by nginx + # 2) uses the same filesystem namespace as the nginx process + # For systemd users using PrivateTmp=true (for either nginx or unicorn), + # this means Unix domain sockets must not be placed in /tmp + # # The following options may be specified (but are generally not needed): # # [:backlog => number of clients] -- cgit v1.2.3-24-ge0c7