Required settings for each server
Server
Preliminaries
This note lists the required entries in the server section that every configuration file must have.
Configuration
The RWSERVE software listens for incoming requests on a single IP address and port. These two values are declared in the server
section of the configuration file using the ip-address
and port
entries.
Normally, the IP address should be specified as the publicly available IP address for the device, which is equivalent to the address configured in the OS for the ethernet NIC. But in cases where a separate publicly available IP address is mapped to the device (through DNS), this won't work. For example, Digital Ocean "floating IPs" have this characteristic. In these cases, configure the server with ip-address
0.0.0.0
.
The server is able to handle multiple simultaneous requests using its built-in cluster capability. The number of concurrent processes to load into memory is declared in the cluster-size
entry. See the separate Cluster note for details.
The server's list of ciphers used for TLS can be configured using the ciphers
section. See the separate Cipher Suites note for details.
The server uses Server Name Indication (SNI) to allow it to handle multiple hostnames. Each hostname must be declared, in the same configuration file, using a separate host
section.
The server software is licensed for use on one device. You must obtain an access key from Read Write Tools and specify it in the server section in order to use the software uninterrupted. See the separate note regarding Registration for details.
EBNF
SP | ::= | U+20 |
CR | ::= | U+0D |
SOLIDUS | ::= | U+2F |
ASTERISK | ::= | U+2A |
FULL-STOP | ::= | U+2E |
GRAVE-ACCENT | ::= | U+60 |
LEFT-CURLY-BRACKET | ::= | U+7B |
RIGHT-CURLY-BRACKET | ::= | U+7D |
unsigned-number | ::= | 0..255 |
ip4-address | ::= | unsigned-number '.' unsigned-number '.' unsigned-number '.' unsigned-number |
ip-address-entry | ::= | 'ip-address' SP ip4-address CR |
port-entry | ::= | 'port' SP (443 | [1024..65535]) CR |
number-of-processes | ::= | 1..64 |
cluster-size-entry | ::= | 'cluster-size' number-of-processes CR |
ciphers-section | ::= | 'ciphers' SP LEFT-CURLY-BRACKET CR (openssl-cipher-name CR)* RIGHT-CURLY-BRACKET CR |
customer-number-entity | ::= | 'customer-number' SP ALPHA* CR |
access-key-entity | ::= | 'access-key' SP ALPHA* CR |
registration-section | ::= | 'registration' SP LEFT-CURLY-BRACKET CR customer-number-entity access-key-entity RIGHT-CURLY-BRACKET CR |
server-section | ::= | 'server' SP LEFT-CURLY-BRACKET CR ip-address port cluster-size ciphers-section registration-section RIGHT-CURLY-BRACKET CR |
Cookbook
Example 1: Mimimum settings for the server section
server {
ip-address 10.20.30.40
port 443
cluster-size 4
registration {
customer-number CN-XXX-AAAAA
access-key AK-YYY-BBBBB
}
}
Example 2: Setting IP address for "floating IPs"
server {
ip-address 0.0.0.0
port 443
cluster-size 4
registration {
customer-number CN-XXX-AAAAA
access-key AK-YYY-BBBBB
}
}
Review
Key points to remember:
- Every configuration must have a
server
section to specify the ip-address, port, cluster size, and registration.