* [pve-devel] [PATCH docs] pveproxy: document LISTEN_IP setting
@ 2021-04-23 15:58 Stoiko Ivanov
2021-04-24 17:41 ` [pve-devel] applied: " Thomas Lamprecht
0 siblings, 1 reply; 2+ messages in thread
From: Stoiko Ivanov @ 2021-04-23 15:58 UTC (permalink / raw)
To: pve-devel
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
---
pveproxy.adoc | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/pveproxy.adoc b/pveproxy.adoc
index d50d04a..0ea5658 100644
--- a/pveproxy.adoc
+++ b/pveproxy.adoc
@@ -59,6 +59,24 @@ The default policy is `allow`.
|===========================================================
+Listening IP
+------------
+
+By setting `LISTEN_IP` in `/etc/default/pveproxy` you can control to which IP
+address the daemon binds. The IP address needs to be configured on the system.
+
+This can be used to listen only to an internal interface and thus have less
+exposure to the public internet:
+
+ LISTEN_IP="192.0.2.1"
+
+Similarly you can also set a n IPv6 address:
+
+ LISTEN_IP="2001:db8:85a3::1"
+
+WARNING: The nodes in a cluster need access to pveproxy for communictation.
+It is not recommended to set `LISTEN_IP` on clustered systems.
+
SSL Cipher Suite
----------------
--
2.20.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* [pve-devel] applied: [PATCH docs] pveproxy: document LISTEN_IP setting
2021-04-23 15:58 [pve-devel] [PATCH docs] pveproxy: document LISTEN_IP setting Stoiko Ivanov
@ 2021-04-24 17:41 ` Thomas Lamprecht
0 siblings, 0 replies; 2+ messages in thread
From: Thomas Lamprecht @ 2021-04-24 17:41 UTC (permalink / raw)
To: Proxmox VE development discussion, Stoiko Ivanov
On 23.04.21 17:58, Stoiko Ivanov wrote:
> Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
> ---
> pveproxy.adoc | 18 ++++++++++++++++++
> 1 file changed, 18 insertions(+)
>
applied, thanks! Fixed a typo and noted that both pveproxy and spiceproxy are
affected by this change.
> diff --git a/pveproxy.adoc b/pveproxy.adoc
> index d50d04a..0ea5658 100644
> --- a/pveproxy.adoc
> +++ b/pveproxy.adoc
> @@ -59,6 +59,24 @@ The default policy is `allow`.
> |===========================================================
>
>
> +Listening IP
> +------------
> +
> +By setting `LISTEN_IP` in `/etc/default/pveproxy` you can control to which IP
> +address the daemon binds. The IP address needs to be configured on the system.
> +
> +This can be used to listen only to an internal interface and thus have less
> +exposure to the public internet:
> +
> + LISTEN_IP="192.0.2.1"
> +
> +Similarly you can also set a n IPv6 address:
> +
> + LISTEN_IP="2001:db8:85a3::1"
> +
> +WARNING: The nodes in a cluster need access to pveproxy for communictation.
s/communictation/communication/
> +It is not recommended to set `LISTEN_IP` on clustered systems.
> +
> SSL Cipher Suite
> ----------------
>
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-04-24 17:42 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-23 15:58 [pve-devel] [PATCH docs] pveproxy: document LISTEN_IP setting Stoiko Ivanov
2021-04-24 17:41 ` [pve-devel] applied: " Thomas Lamprecht
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox