systemd-socket-proxyd

systemd-socket-proxyd #

The binary file: /lib/systemd/systemd-socket-proxyd

Usage #

bash
/lib/systemd/systemd-socket-proxyd --help
text
systemd-socket-proxyd [HOST:PORT]
systemd-socket-proxyd [SOCKET]

Bidirectionally proxy local sockets to another (possibly remote) socket.

  -c --connections-max=  Set the maximum number of connections to be accepted
     --exit-idle-time=   Exit when without a connection for this duration. See
                         the systemd.time(7) man page for time span format
  -h --help              Show this help
     --version           Show package version

See the systemd-socket-proxyd(8) man page for details.

样例一: nginx proxy #

systemd侦听端口,在接收到请求时再去启动 nginx 服务。

nginx配置修改:

  • listen 80 default_server; –> listen unix:/run/nginx-80.sock default_server;
  • listen 8080; –> listen unix:/run/nginx-8080.sock;

需要准备的单元文件:

  • /etc/systemd/system/nginx-proxy.target
  • /etc/systemd/system/nginx-proxy@.socket
  • /etc/systemd/system/nginx-proxy@.service

单元配置管理:

bash
sudo systemctl daemon-reload
sudo systemctl disable nginx.service

# 启用/禁用配置:
sudo systemctl enalbe/disable --now nginx-proxy.target

代理端口管理:

bash
# 启用/禁用端口:
sudo systemctl enalbe/disable --now nginx-proxy@80.socket
sudo systemctl enalbe/disable --now nginx-proxy@8080.socket

# 暂时关闭所有端口:
sudo systemctl stop nginx-proxy.target

Unit: nginx-proxy.target #

text
[Unit]
Description=Nginx proxy target for ports proxying

[Install]
WantedBy=multi-user.target

Unit: nginx-proxy@.socket #

text
[Unit]
Description=Nginx proxy socket on port %i
PartOf=nginx-proxy.target

[Socket]
ListenStream=%i

[Install]
WantedBy=nginx-proxy.target

Unit: nginx-proxy@.service #

text
[Unit]
Description=Nginx proxy service on port %i
Requires=nginx.service
BindsTo=nginx-proxy@%i.socket
After=nginx.service nginx-proxy@%i.socket

[Service]
ExecStart=/lib/systemd/systemd-socket-proxyd /run/nginx-%i.sock

样例二: docker nginx proxy #

systemd侦听 80 端口,在接收到请求时再去启动 docker nginx 容器(8080端口)。

需要准备的单元文件:

  • /etc/systemd/system/docker-nginx-proxy.socket
  • /etc/systemd/system/docker-nginx-proxy.service
  • /etc/systemd/system/docker-nginx.service

快速启用 #

bash
# Unit: docker-nginx-proxy.socket
tee /etc/systemd/system/docker-nginx-proxy.socket <<EOF
[Unit]
Description=Docker nginx proxy socket

[Socket]
ListenStream=80

[Install]
WantedBy=sockets.target
EOF


# Unit: docker-nginx-proxy.service
tee /etc/systemd/system/docker-nginx-proxy.service <<EOF
[Unit]
Description=Docker nginx proxy service
Requires=docker-nginx.service
BindsTo=docker-nginx-proxy.socket
After=docker-nginx.service docker-nginx-proxy.socket

[Service]
/lib/systemd/systemd-socket-proxyd 127.0.0.1:8080
EOF


# Unit: docker-nginx.service
tee /etc/systemd/system/docker-nginx.service <<EOF
[Unit]
Description=Docker nginx service
Requires=docker.service
After=docker.service

[Service]
ExecStart=/bin/docker start -a nginx8080
#ExecStartPost=TODO-check-http-8080
EOF


# 启用配置:
sudo systemctl daemon-reload
sudo systemctl enable --now docker-nginx-proxy.socket
2025年7月14日
Previous systemd-analyze systemd.unit Next