This site is deprecated; docs have moved to docs.inspircd.org!

Historical:Development/RemoteIncludes

From the makers of InspIRCd.
Revision as of 23:08, 25 August 2007 by Special (Talk | contribs)

Jump to: navigation, search

Remote Includes

Introduction

The goal is to be able to securely fetch configuration files on demand from a central server. This makes management and central control of servers on a network MUCH easier.

Design

The running theory is to use a combination of m_httpd (on a hub / the server which will serve configuration files) and m_http_client (on all other servers) - which has the benefit of not requiring a securely configured 3rd party server. These can also be extended to support SSL and some form of authenticity check (SSL certificate fingerprints?). Each server would then send a request with m_http_client to get it's files, before loading the configuration (during rehash, etc).

Problems

The major issue with this idea is a 'chicken-egg' situation on startup; the configuration needs to be fetched, but can't be fetched until some things are configured and initialized. Notably, the socket engine must be fully operational (outgoing connect) and configured (IP binding), SSL must be loaded and configured (if used), m_http_client must be loaded, and whatever module is required for remote includes must be loaded and configured. There are LOTS of values required for the IRCd to run that aren't reasonable to require in the local configuration.

Solution #1: Revise configuration loading

One solution would be to somehow revise configuration so that the ircd can be partially started (enough for the conditions listed above), without requiring the majority of it's configuration. This would, however, be fairly complicated to do, and rather annoying.

Solution #2: ...?

Feel free to suggest. :P