dicos/99_one-frontend.xml: Ajout de la variable vnc_proxy_port_sunstone

tmpl/sunstone-server.conf: Utilisation de la variable vnc_proxy_port_sunstone

Le port VNC proxy est configurable. On utilise également les certificats de la
machine pour le proxy VNC et on ouvre les ports pour les IP qui peuvent faire du
SSH vers eth0.

fixes #7869 @2h
This commit is contained in:
Philippe Caseiro 2014-09-29 15:02:50 +02:00
parent 1886e222fd
commit 6b515aef15
2 changed files with 8 additions and 5 deletions

View File

@ -4,8 +4,8 @@
<service type='service'>opennebula-sunstone</service> <service type='service'>opennebula-sunstone</service>
<file filelist='onefrontend' name='/etc/one/sunstone-server.conf' rm='True' mkdir='True'/> <file filelist='onefrontend' name='/etc/one/sunstone-server.conf' rm='True' mkdir='True'/>
<service_access service='sunstone'> <service_access service='sunstone'>
<port>9000</port> <port port_type="SymLinkOption">port_sunstone</port>
<port>29876</port> <port port_type="SymLinkOption">vnc_proxy_port_sunstone</port>
</service_access> </service_access>
<service_restriction service='sunstone'> <service_restriction service='sunstone'>
<ip interface='eth0' netmask='netmask_ssh_eth0' netmask_type='SymLinkOption' ip_type='SymLinkOption'>ip_ssh_eth0</ip> <ip interface='eth0' netmask='netmask_ssh_eth0' netmask_type='SymLinkOption' ip_type='SymLinkOption'>ip_ssh_eth0</ip>
@ -19,6 +19,9 @@
<variable name='port_sunstone' type='number' description="Numéro de port d'écoute d'OpenNebula Sunstone"> <variable name='port_sunstone' type='number' description="Numéro de port d'écoute d'OpenNebula Sunstone">
<value>9000</value> <value>9000</value>
</variable> </variable>
<variable name='vnc_proxy_port_sunstone' type='number' description="Numéro de port d'écoute du proxy VNC">
<value>29876</value>
</variable>
<variable name='ip_sunstone' type='ip' description="Adresse IP d'écoute pour OpenNebula Sunstone"/> <variable name='ip_sunstone' type='ip' description="Adresse IP d'écoute pour OpenNebula Sunstone"/>
<variable name='langue_sunstone' type='string' description="Langue par défaut de l'interface" mode='expert'> <variable name='langue_sunstone' type='string' description="Langue par défaut de l'interface" mode='expert'>
<value>fr_FR</value> <value>fr_FR</value>

View File

@ -89,10 +89,10 @@
# vnc_proxy_cert: Certificate to encrypt wss connections. # vnc_proxy_cert: Certificate to encrypt wss connections.
# vnc_proxy_key: Key for wss connections. Only necessary if not included in cert. # vnc_proxy_key: Key for wss connections. Only necessary if not included in cert.
# vnc_proxy_ipv6: Enable ipv6 support for novnc-server # vnc_proxy_ipv6: Enable ipv6 support for novnc-server
:vnc_proxy_port: 29876 :vnc_proxy_port: %%vnc_proxy_port_sunstone
:vnc_proxy_support_wss: no :vnc_proxy_support_wss: no
:vnc_proxy_cert: :vnc_proxy_cert: %%server_cert
:vnc_proxy_key: :vnc_proxy_key: %%server_key
:vnc_proxy_ipv6: false :vnc_proxy_ipv6: false