[pve-devel] [PATCH docs] pveproxy: document LISTEN_IP setting
Stoiko Ivanov
s.ivanov at proxmox.com
Fri Apr 23 17:58:14 CEST 2021
Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
---
pveproxy.adoc | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/pveproxy.adoc b/pveproxy.adoc
index d50d04a..0ea5658 100644
--- a/pveproxy.adoc
+++ b/pveproxy.adoc
@@ -59,6 +59,24 @@ The default policy is `allow`.
|===========================================================
+Listening IP
+------------
+
+By setting `LISTEN_IP` in `/etc/default/pveproxy` you can control to which IP
+address the daemon binds. The IP address needs to be configured on the system.
+
+This can be used to listen only to an internal interface and thus have less
+exposure to the public internet:
+
+ LISTEN_IP="192.0.2.1"
+
+Similarly you can also set a n IPv6 address:
+
+ LISTEN_IP="2001:db8:85a3::1"
+
+WARNING: The nodes in a cluster need access to pveproxy for communictation.
+It is not recommended to set `LISTEN_IP` on clustered systems.
+
SSL Cipher Suite
----------------
--
2.20.1
More information about the pve-devel
mailing list