[#742] Update docs

Signed-off-by: Denis Kirillov <denis@nspcc.ru>

CHANGELOG.md

@@ -13,6 +13,9 @@ This document outlines major changes between releases.
 - Timeout for individual operations in streaming RPC (#740)
 - Reload policies on SIGHUP (#747)
 
+### Added
+- Multiple server listeners (#742)
+
 ### Changed
 - Placement policy configuration (#568)
 
@@ -27,9 +30,15 @@ placement_policy:
 Make sure you update the config accordingly:
 If you configure application using environment variables change:
 * `S3_GW_DEFAULT_POLICY` -> `S3_GW_PLACEMENT_POLICY_DEFAULT_POLICY`
+* `S3_GW_LISTEN_ADDRESS` -> `S3_GW_SERVER_0_ADDRESS`
+* `S3_GW_TLS_CERT_FILE` -> `S3_GW_SERVER_0_TLS_CERT_FILE` (and set `S3_GW_SERVER_0_TLS_ENABLED=true`)
+* `S3_GW_TLS_KEY_FILE` -> `S3_GW_SERVER_0_TLS_KEY_FILE` (and set `S3_GW_SERVER_0_TLS_ENABLED=true`)
 
 If you configure application using `.yaml` file change:
 * `defaul_policy` -> `placement_policy.default`
+* `listen_address` -> `server.0.address`
+* `tls.cert_file` -> `server.0.tls.cert_file` (and set `server.0.tls.enabled: true`)
+* `tls.key_file` -> `server.0.tls.key_file` (and set `server.0.tls.enabled: true`)
 
 ## [0.25.0] - 2022-10-31
 

cmd/s3-gw/app_settings.go

@@ -223,7 +223,7 @@ func newSettings() *viper.Viper {
 	flags.Int(cfgMaxClientsCount, defaultMaxClientsCount, "set max-clients count")
 	flags.Duration(cfgMaxClientsDeadline, defaultMaxClientsDeadline, "set max-clients deadline")
 
-	flags.String(cmdListenAddress, "0.0.0.0:8080", "set address to listen")
+	flags.String(cmdListenAddress, "0.0.0.0:8080", "set the main address to listen")
 	flags.String(cfgTLSCertFile, "", "TLS certificate file to use")
 	flags.String(cfgTLSKeyFile, "", "TLS key file to use")
 

docs/configuration.md

@@ -62,6 +62,8 @@ $ neofs-s3-gw --listen_address 192.168.130.130:443 \
   --tls.key_file=key.pem --tls.cert_file=cert.pem
 ```
 
+Using these flag you can configure only one address. To set multiple addresses use yaml config. 
+
 ### RPC endpoint and resolving of bucket names
 
 To set RPC endpoint specify a value of parameter `-r` or `--rpc_endpoint`. The parameter is **required if** another
@@ -95,7 +97,7 @@ $ neofs-s3-gw --healthcheck_timeout 15s --connect_timeout 1m --rebalance_interva
 ### Monitoring and metrics
 
 Pprof and Prometheus are integrated into the gateway. To enable them, use `--pprof` and `--metrics` flags or
-`S3_GW_PPROF`/`S3_GW_METRICS` environment variables.
+`S3_GW_PPROF_ENABLED`/`S3_GW_PROMETHEUS_ENABLED` environment variables.
 
 ## YAML file and environment variables
 
@@ -155,7 +157,7 @@ There are some custom types used for brevity:
 | `wallet`           | [Wallet configuration](#wallet-section)                     |
 | `peers`            | [Nodes configuration](#peers-section)                       |
 | `placement_policy` | [Placement policy configuration](#placement_policy-section) |
-| `tls`              | [TLS configuration](#tls-section)                           |
+| `server`           | [Server configuration](#server-section)                     |
 | `logger`           | [Logger configuration](#logger-section)                     |
 | `tree`             | [Tree configuration](#tree-section)                         |
 | `cache`            | [Cache configuration](#cache-section)                       |
@@ -168,8 +170,6 @@ There are some custom types used for brevity:
 ### General section
 
 ```yaml
-listen_address: 0.0.0.0:8084
-
 listen_domains:
    - s3dev.neofs.devenv
    - s3dev2.neofs.devenv
@@ -195,7 +195,6 @@ allowed_access_key_id_prefixes:
 
 | Parameter                        | Type       | SIGHUP reload | Default value  | Description                                                                                                                                                                                                       |
 |----------------------------------|------------|---------------|----------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| `listen_address`                 | `string`   |               | `0.0.0.0:8080` | The address that the gateway is listening on.                                                                                                                                                                     |
 | `listen_domains`                 | `[]string` |               |                | Domains to be able to use virtual-hosted-style access to bucket.                                                                                                                                                  |
 | `rpc_endpoint`                   | `string`   | yes           |                | The address of the RPC host to which the gateway connects to resolve bucket names (required to use the `nns` resolver).                                                                                           |
 | `resolve_order`                  | `[]string` | yes           | `[dns]`        | Order of bucket name resolvers to use. Available resolvers: `dns`, `nns`.                                                                                                                                         |                                                                                                                                                                           |
@@ -281,18 +280,30 @@ File for `region_mapping` must contain something like this:
 **Note:** on SIGHUP reload policies will be updated only if both parameters are valid. 
 So if you change `default` to some valid value and set invalid path in `region_mapping` the `default` value won't be changed.
 
-### `tls` section
+### `server` section
+
+You can specify several listeners for server. For example, for `http` and `https`.
 
 ```yaml
-tls:
+server:
-  cert_file: /path/to/cert
+  - address: 0.0.0.0:8080
-  key_file: /path/to/key
+    tls:
+      enabled: false
+      cert_file: /path/to/cert
+      key_file: /path/to/key
+  - address: 0.0.0.0:8081
+    tls:
+      enabled: true
+      cert_file: /path/to/another/cert
+      key_file: /path/to/another/key
 ```
 
-| Parameter   | Type     | SIGHUP reload | Default value | Description                  |
+| Parameter       | Type     | SIGHUP reload | Default value  | Description                                   |
-|-------------|----------|---------------|---------------|------------------------------|
+|-----------------|----------|---------------|----------------|-----------------------------------------------|
-| `cert_file` | `string` | yes           |               | Path to the TLS certificate. |
+| `address`       | `string` |               | `0.0.0.0:8080` | The address that the gateway is listening on. |
-| `key_file`  | `string` | yes           |               | Path to the key.             |
+| `tls.enabled`   | `bool`   |               | false          | Enable TLS or not.                            |
+| `tls.cert_file` | `string` | yes           |                | Path to the TLS certificate.                  |
+| `tls.key_file`  | `string` | yes           |                | Path to the key.                              |
 
 ### `logger` section