From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <o.bektas@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 44E1869F14
 for <pve-devel@lists.proxmox.com>; Wed, 24 Mar 2021 11:06:44 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 3B55A37056
 for <pve-devel@lists.proxmox.com>; Wed, 24 Mar 2021 11:06:14 +0100 (CET)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [212.186.127.180])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id ACF6D3704B
 for <pve-devel@lists.proxmox.com>; Wed, 24 Mar 2021 11:06:13 +0100 (CET)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 6E5A04180F
 for <pve-devel@lists.proxmox.com>; Wed, 24 Mar 2021 11:06:13 +0100 (CET)
Date: Wed, 24 Mar 2021 11:03:33 +0100
From: Oguz Bektas <o.bektas@proxmox.com>
To: Fabian Ebner <f.ebner@proxmox.com>
Cc: pve-devel@lists.proxmox.com
Message-ID: <20210324100333.GA10674@gaia.proxmox.com>
Mail-Followup-To: Oguz Bektas <o.bektas@proxmox.com>,
 Fabian Ebner <f.ebner@proxmox.com>, pve-devel@lists.proxmox.com
References: <20210322140045.763332-1-o.bektas@proxmox.com>
 <20210322140045.763332-3-o.bektas@proxmox.com>
 <01b43315-23f3-0df4-f23a-2d6a84a7bb33@proxmox.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <01b43315-23f3-0df4-f23a-2d6a84a7bb33@proxmox.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-SPAM-LEVEL: Spam detection results:  0
 AWL 1.509 Adjusted score from AWL reputation of From: address
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 RCVD_IN_DNSWL_MED        -2.3 Sender listed at https://www.dnswl.org/,
 medium trust
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [spiceproxy.pm, pveproxy.pm]
Subject: Re: [pve-devel] [PATCH v3 manager 2/3] proxy: allow setting
 LISTEN_IP for pveproxy and spiceproxy
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 10:06:44 -0000

On Wed, Mar 24, 2021 at 09:37:35AM +0100, Fabian Ebner wrote:
> After these first two patches, the default behavior is different:
> Previously, it would only listen for either IPv4 or IPv6 (depending on what
> get_host_address_family would return), while now it listens for both. Not
> sure if that's a problem though?

this was the recommended approach pointed out by thomas in response to
the last patches (to make it the same as PBS, which listens on wildcard
interface by default). so this was intended


> 
> Am 22.03.21 um 15:00 schrieb Oguz Bektas:
> > the $host variable is set to "::0" by default to listen on wildcard
> > (with 'Domain' => PF_INET6).
> > 
> > if 'LISTEN_IP' is defined in /etc/default/pveproxy, that IP will be used
> > instead.
> > 
> > Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
> > ---
> >   PVE/Service/pveproxy.pm   | 4 ++--
> >   PVE/Service/spiceproxy.pm | 4 ++--
> >   2 files changed, 4 insertions(+), 4 deletions(-)
> > 
> > diff --git a/PVE/Service/pveproxy.pm b/PVE/Service/pveproxy.pm
> > index 571a6bf5..4ecd442a 100755
> > --- a/PVE/Service/pveproxy.pm
> > +++ b/PVE/Service/pveproxy.pm
> > @@ -69,8 +69,8 @@ sub init {
> >       my $lockfh = IO::File->new(">>${accept_lock_fn}") ||
> >   	die "unable to open lock file '${accept_lock_fn}' - $!\n";
> > -    my $family = PVE::Tools::get_host_address_family($self->{nodename});
> > -    my $socket = $self->create_reusable_socket(8006, undef, $family);
> > +    my $listen_ip = $proxyconf->{LISTEN_IP} // "::0";
> > +    my $socket = $self->create_reusable_socket(8006, $listen_ip);
> >       my $dirs = {};
> > diff --git a/PVE/Service/spiceproxy.pm b/PVE/Service/spiceproxy.pm
> > index f8e06b60..24be0ed7 100755
> > --- a/PVE/Service/spiceproxy.pm
> > +++ b/PVE/Service/spiceproxy.pm
> > @@ -39,8 +39,8 @@ sub init {
> >       my $lockfh = IO::File->new(">>${accept_lock_fn}") ||
> >   	die "unable to open lock file '${accept_lock_fn}' - $!\n";
> > -    my $family = PVE::Tools::get_host_address_family($self->{nodename});
> > -    my $socket = $self->create_reusable_socket(3128, undef, $family);
> > +    my $listen_ip = $proxyconf->{LISTEN_IP} // "::0";
> > +    my $socket = $self->create_reusable_socket(3128, $listen_ip);
> >       $self->{server_config} = {
> >   	keep_alive => 0,
> >