prologic-saltyim/docs/Deployment-OpenBSD.md

# Deployment in OpenBSD
This document explains how to spin up saltyd in OpenBSD with a delegated zone to [nsd(8)](https://man.openbsd.org/nsd.8). 
The following method assumes a subdomain is used as both the base URL and the assigned subdomain.

## DNS
Taken from [Aoi K.](https://kyoko-project.wer.ee/~akoizumi/)'s zone file.

```dns
saltr	IN	A	38.87.162.177
	IN	AAAA	2602:fccf:1:1177::
_salty._tcp	IN	SRV 0 0 443 saltr.kyoko-project.wer.ee.
_avatars._tcp	IN	SRV 0 0 443 saltr.kyoko-project.wer.ee.
```

## Nginx
```nginx
server {
    listen 80;
    listen [::]:80;
    server_name saltr.kyoko-project.wer.ee;

    location / { return 301 https://$host$request_uri; }
}
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name saltr.kyoko-project.wer.ee;

    ssl_certificate /etc/dehydrated/certs/kyoko-project.wer.ee/fullchain.pem;
    ssl_certificate_key /etc/dehydrated/certs/kyoko-project.wer.ee/privkey.pem;

    location / {
        proxy_pass http://127.0.0.1:8200;
    }
}
```

## rc.d
```shell
#!/bin/ksh
daemon="/usr/local/salty/saltyd"
daemon_user="_saltyd"

. /etc/rc.d/rc.subr

rc_bg=YES
rc_reload=NO

rc_cmd "$1"
```

```shell
# chmod 0755 /etc/rc.d/saltyd
# rcctl enable saltyd
# rcctl set saltyd flags "-b 0.0.0.0:8200 -d /usr/local/salty/data -u https://saltr.kyoko-project.wer.ee -p saltr.kyoko-project.wer.ee -s bitcask://usr/local/salty/salty.db"
# rcctl start saltyd
```

## Conclusion
* I used port 8200 for my setup because I was already using 8000
Add OpenBSD instructions, based on my personal setup. Update docs/Deployment.md Signed-off-by: Aoi Koizumi (هڈ¤و³‰ مپ‚مپٹمپ„) <koizumi.aoi@kyoko [dash] project [dot] wer [dot] ee> 2022-08-27 02:20:04 +00:00			`# Deployment in OpenBSD`
			`This document explains how to spin up saltyd in OpenBSD with a delegated zone to [nsd(8)](https://man.openbsd.org/nsd.8).`
			`The following method assumes a subdomain is used as both the base URL and the assigned subdomain.`

			`## DNS`
			`Taken from [Aoi K.](https://kyoko-project.wer.ee/~akoizumi/)'s zone file.`

			```dns
			`saltr IN A 38.87.162.177`
			`IN AAAA 2602:fccf:1:1177::`
			`_salty._tcp IN SRV 0 0 443 saltr.kyoko-project.wer.ee.`
			`_avatars._tcp IN SRV 0 0 443 saltr.kyoko-project.wer.ee.`
			```

			`## Nginx`
			```nginx
			`server {`
			`listen 80;`
			`listen [::]:80;`
			`server_name saltr.kyoko-project.wer.ee;`

			`location / { return 301 https://$host$request_uri; }`
			`}`
			`server {`
			`listen 443 ssl http2;`
			`listen [::]:443 ssl http2;`
			`server_name saltr.kyoko-project.wer.ee;`

			`ssl_certificate /etc/dehydrated/certs/kyoko-project.wer.ee/fullchain.pem;`
			`ssl_certificate_key /etc/dehydrated/certs/kyoko-project.wer.ee/privkey.pem;`

			`location / {`
			`proxy_pass http://127.0.0.1:8200;`
			`}`
			`}`
			```

			`## rc.d`
			```shell
			`#!/bin/ksh`
			`daemon="/usr/local/salty/saltyd"`
			`daemon_user="_saltyd"`

			`. /etc/rc.d/rc.subr`

			`rc_bg=YES`
			`rc_reload=NO`

			`rc_cmd "$1"`
			```

			```shell
			`# chmod 0755 /etc/rc.d/saltyd`
			`# rcctl enable saltyd`
			`# rcctl set saltyd flags "-b 0.0.0.0:8200 -d /usr/local/salty/data -u https://saltr.kyoko-project.wer.ee -p saltr.kyoko-project.wer.ee -s bitcask://usr/local/salty/salty.db"`
			`# rcctl start saltyd`
			```

			`## Conclusion`
			`* I used port 8200 for my setup because I was already using 8000`