mod_posix: Move everything to util.startup This allows greater control over the order of events. Notably, the internal ordering between daemonization, initialization of libunbound and setup of signal handling is sensitive. libunbound starts a separate thread for processing DNS requests. If this thread is started before signal handling has been set up, it will not inherit the signal handlers and instead behave as it would have before signal handlers were set up, i.e. cause the whole process to immediately exit. libunbound is usually initialized on the first DNS request, usually triggered by an outgoing s2s connection attempt. If daemonization happens before signals have been set up, signals may not be processed at all.

     1

.DEFAULT: localhost.crt

     2

keysize=2048

     3

     4

# How to:

     5

# First, `make yourhost.cnf` which creates a openssl config file.

     6

# Then edit this file and fill in the details you want it to have,

     7

# and add or change hosts and components it should cover.

     8

# Then `make yourhost.key` to create your private key, you can

     9

# include keysize=number to change the size of the key.

    10

# Then you can either `make yourhost.csr` to generate a certificate

    11

# signing request that you can submit to a CA, or `make yourhost.crt`

    12

# to generate a self signed certificate.

    13

    14

${.TARGETS:M*.crt}: 

    15

	openssl req -new -x509 -newkey rsa:$(keysize) -nodes -keyout ${.TARGET:R}.key \

    16

		-days 365 -sha256 -out $@ -utf8 -subj /CN=${.TARGET:R}

    17

    18

.SUFFIXES: .key .crt