]> Sergey Matveev's repositories - tofuproxy.git/blobdiff - doc/usage.texi
projects / tofuproxy.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Download link for 0.6.0 release
[tofuproxy.git] / doc / usage.texi
diff --git a/doc/usage.texi b/doc/usage.texi
index 6ff4cd3328a235ecb6638a91e5923a5907b57ccb..0ea417fa83162193d4f2d53856463acedb4b623e 100644 (file)
--- a/doc/usage.texi
+++ b/doc/usage.texi
@@ -3,66 +3,48 @@
 
 Currently @command{tofuproxy} uses:
 GnuTLS'es @url{https://www.gnutls.org/manual/html_node/certtool-Invocation.html, certtool},
-@url{http://cr.yp.to/redo.html, redo} build system,
 @url{https://www.tcl.tk/, Tcl/Tk}'s @command{wish} shell for GUI dialogues,
 @command{dwebp}, @command{djxl}, @command{avifdec} for images transcoding,
-@url{https://github.com/halturin/multitail, multitail} for logs viewing.
+@url{https://vanheusden.com/multitail/, multitail} for logs viewing.
 
 @itemize
 
-@item Download and build @command{tofuproxy}:
-
-@example
-$ git clone git://git.stargrave.org/tofuproxy.git
-$ cd tofuproxy
-$ redo all
-@end example
+@item @ref{Install, Download} and build it.
 
 @item
-If build fails because of untrusted @code{ca.cypherpunks.ru} certificate, then:
+Create separate @file{state/} directory, generate @command{tofuproxy}'s
+certificate and create necessary FIFOs by executing @command{state-init}
+helper:
 
 @example
-$ [fetch|wget] http://www.ca.cypherpunks.ru/cert.pem
-$ [fetch|wget] http://www.ca.cypherpunks.ru/cert.pem.asc
-$ gpg --auto-key-locate dane --locate-keys stargrave at stargrave dot org
-$ gpg --auto-key-locate wkd --locate-keys stargrave at gnupg dot net
-$ gpg --verify cert.pem.asc
-$ SSL_CERT_FILE=`pwd`/cert.pem GIT_SSL_CAINFO=`pwd`/cert.pem redo all
+$ mkdir state ; cd state
+$ ../state-init
 @end example
 
 @item
-Run @command{tofuproxy} itself. By default it will bind to
-@code{[::1]:8080}, use @code{[::1]:53} DNS server for DANE requests
+Run @command{tofuproxy} itself then. By default it will bind to
+@code{[::1]:8080} and use @code{[::1]:53} DNS server for DANE requests
 (set to an empty string to disable DANE lookups):
 
 @example
-$ ./tofuproxy.cmd
+$ ../cmd/tofuproxy/tofuproxy [-ai ecdsa] -unzstd ../cmd/zstd/unzstd
 main.go:70: listening: [::1]:8080 dns: [::1]:53 certs: ./certs ccerts: ./ccerts
 @end example
 
 @item Trust your newly generated CA:
 
 @example
-# cat cert.pem >> /etc/ssl/cert.pem
+# cat cert.pem >>/etc/ssl/cert.pem
 @end example
 
-@item Point you HTTP/HTTPS clients to @code{http://localhost:8080}.
-
-@item
-If you want to use TLS client certificates, then place them to
-@file{-ccerts} directory.
+@item Point you HTTP/HTTPS clients to @code{http://localhost:8080} proxy.
 
 @item Watch logs:
 
 @example
-$ ( cd fifos ; ./multitail.sh )
+$ ( cd fifos ; ../../fifos/multitail )
 @end example
 
 @image{logs,,,Example logs,.webp}
 
 @end itemize
-
-@include spies.texi
-@include certs.texi
-@include warcs.texi
-@include gemini.texi
Flexible HTTP/HTTPS proxy, TLS terminator, X.509 TOFU manager, WARC/geminispace browser