Allow ips #2998
Allow ips #2998
Conversation
| end | ||
|
|
||
| def ip_addresses | ||
| Socket.ip_address_list.select(&:ipv4?) |
There was a problem hiding this comment.
It's not clear to me if we should allow ipv6 addresses.
What's more is, if I do enable ipv6 address - I'm not really sure how to use them. They seem to have the interface name appended to it, so I'm not entirely sure if we need to cut that off or what.
There was a problem hiding this comment.
I'm not sure need to worry too much about what IPs people will get since the best practice is to supply DNS names like ondemand.example.com that correspond to certificate CNs, etc. I think IPv4 is good enough as that's most common.
| @@ -78,7 +78,7 @@ | |||
| # | |||
| SetEnv OOD_PUN_STAGE_CMD "sudo /opt/ood/nginx_stage/sbin/nginx_stage" | |||
|
|
|||
| SetEnv OOD_ALLOWED_HOSTS "example.com" | |||
| SetEnv OOD_ALLOWED_HOSTS "8.8.8.8,example.com" | |||
There was a problem hiding this comment.
It appears that @proxy_server is never nil because it's populated by the fqdn. So that's why example.com almost always shows up here in OOD_ALLOWED_HOSTS.
Fixes #2970 by adding ip addresses to ALLOWED_HOSTS if
@servernameis nil. (docs say setting servername to nil allows you to use ips)