Merge pull request #204 from NethServer/filippocarletti-patch-1

Services: update for systemd and zones
NethServer · Mar 16, 2017 · 516d3b5 · 516d3b5
2 parents f89ebcc + debb11e
commit 516d3b5
Showing 1 changed file with 9 additions and 24 deletions.
diff --git a/developer-manual/en/services.rst b/developer-manual/en/services.rst
@@ -13,12 +13,11 @@ A service in :file:`configuration` database is something like this: ::
 
 Where :file:`httpd` is the service name and ``status`` tells the system if the service should be ``enabled`` or ``disabled``.
 
-When the :index:`status` property is switched between enabled/disabled state, the change will be reflected into runlevel configuration using :command:`chkconfig` command. If both Upstart and SysV scripts are present, Upstart has the precedence and SysV script is disabled. For example see `httpd-admin` service.    
-
+When the :index:`status` property is switched between enabled/disabled state, the change will be reflected into runlevel configuration.
 This is what :command:`runlevel-adjust` event and action do for all configured services. 
 There is also another action called :command:`adjust-services` which does the same thing for services registered on a single event.
 
-A service without a record in the configuration database is ignored and can be manually manged using :command:`chkconfig` and :command:`service` commands.
+A service without a record in the configuration database is ignored and can be manually manged using :command:`systemctl`.
 See :ref:`add_a_new_service`.
 
 Control a service
@@ -48,44 +47,30 @@ Ports can be listed in following properties:
 * ``UDPPorts``: a comma separated list of UDP ports
 
 If both TCPPort and TCPPorts properties are set, TCPPorts has the precedence.
-If both UDPPort and TCPPorts properties are set, UDPPorts has the precedence.
+If both UDPPort and UDPPorts properties are set, UDPPorts has the precedence.
 
 A service can be accessible from public or private LAN. This configuration is saved on ``access`` property.
-The property can have one of the following values:
-
-* ``none``: the service is accessible only from localhost, no port is open
-* ``private``: the service is accessible only from green interfaces
-* ``public``: the service is accessible from green and red interfaces, but no blue and orange
+The property is a comma separated list of zones (green, red, blue, orange).
 
 Example of a service with UDP port 1122 open to the Internet: ::
 
-  config setprop myservice status enabled UDPPort 1122 access public
+  config setprop myservice status enabled UDPPort 1122 access green,red
 
 Example of a service with TCP ports 1122 an 2233 open to local network: ::
 
-  config setprop myservice status enabled TCPPorts 1122,2233 access private
+  config setprop myservice status enabled TCPPorts 1122,2233 access green
 
 
 The ports are opened only if the ``status`` property is set to ``enabled``.
 
 .. _network_service_custom_access-section:
 
-Custom access
--------------
-
-Each network service can have one or both of following properties:
-
-* ``AllowHosts``: listed hosts can always access the service 
-* ``DenyHosts``: listed hosts can never access the service
-
-Both properties can be a list of IPs or CIDR networks and are honored only if access is seto to ``private`` or ``public``
-
 .. _add_a_new_service:
 
 Add a new service
 =================
 
-Any software can configure the init system using the standard :command:`chkconfig` command.
+Any software can configure the init system using the standard :command:`systemctl` command.
 This approach always work for third-party software.
 
 
@@ -112,13 +97,13 @@ Add a new network service
 
 If a service not controlled by NethServer needs one or more open ports, use the TCPPort(s) or UDPPort(s) prop to declare the port(s) and signal the firewall to open it: ::
 
-  config set fw_myservice service status enabled TCPPort 12345 access private
+  config set fw_myservice service status enabled TCPPort 12345 access green
   signal-event firewall-adjust
 
 Otherwise, if the service is controlled by NethServer, you can add the properties directly to the service key. For the service *myservice* on above
 example: ::
 
-  config set myservice service status enabled TCPPort 12345 access private
+  config set myservice service status enabled TCPPort 12345 access green
   signal-event firewall-adjust
 
 See :ref:`firewall_gateway-section`.