#1335 closed task (worksforme)
provide a system service for the proxy server
Reported by: | Antoine Martin | Owned by: | Smo |
---|---|---|---|
Priority: | major | Milestone: | 1.0 |
Component: | server | Version: | trunk |
Keywords: | Cc: |
Description (last modified by )
Now that the proxy server can be used for starting new sessions on demand (#1319) and that we have ssl support (#1252) and a default port (#731), it makes sense to have a default service that can be used for all this.
Somewhat related to #1105, #888 and #1334.
Tasks:
- generate a test certificate
- install the service files (init and systemd...)
Change History (7)
comment:1 Changed 6 years ago by
Description: | modified (diff) |
---|---|
Owner: | changed from Antoine Martin to alas |
Summary: | provide a service for the proxy server → provide a system service for the proxy server |
comment:2 Changed 5 years ago by
Owner: | changed from alas to Smo |
---|
fallback to firewall-offline-cmd in r14484.
Further notes:
- to permanently add the rule to another zone, ie "trusted":
firewall-cmd --add-port=14500/tcp --zone=trusted --permanent
- the default zone where we add the rule as part of the rpm postinstall is:
firewall-cmd --get-default-zone
More examples: https://www.certdepot.net/rhel7-get-started-firewalld/.
comment:3 Changed 5 years ago by
We now also silence the "success" message during RPM (un)install: r14602.
comment:5 Changed 5 years ago by
Resolution: | → worksforme |
---|---|
Status: | new → closed |
comment:7 Changed 16 months ago by
this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/1335
Note: See
TracTickets for help on using
tickets.
Major changesets (there are many more):
After installation, there should be a new firewall rule allowing traffic on our port (14500 see #731):
This rule should be deleted when the RPM package is uninstalled.
The service is not started by default at the moment, to change that see Enabling and disabling services during start up in GNU/Linux (instructions vary depending on the init system used by the distribution).
To start the service (these commands should work almost everywhere: fedora, centos, debian, ubuntu, etc):
After that, you should be able to confirm that it is running with:
or with systemd (fedora, centos7):
or with systemd it should be listed in the system slice:
or on systems with a "/var/run/xpra" directory (those that support tmpfiles.d, see #888):
(as any user)
or
or
(see #1252 for details)
or even hitting this proxy server with a browser to get the session login page:
In order to use any other sub-commands against this proxy server, you need to authenticate with a system account (the proxy server is configured to use the "sys" authentication module).
ie:
(see #1319 for details, bugs related to connecting or using the proxy server itself do not belong here)
@afarr: just a FYI, feel free to close.