hannesm
commented
10 months ago Dear @hugusmaximus,
thanks for your questions and comments - sorry for the slow reply.
change the listening IP for configuration
In the running-tlstunnel-as-unikernel, it has two IP stacks - one for the frontend / public service listen (service), and one to connect to backend services and configuration (named private). Now, separating the latter into even more stacks - one for configuration and to connect to services - wasn't in my use-case. If I understand you correctly, your backend services are not reachable from the localhost, i.e. setting --private-ipv4=127.0.0.1/8 will result in tlstunnel not being able to connect to your services?
Given that you also would like to have a static (boot param / compile-time) mapping of sni -> host * port -- there can really be an easier unikernel that doesn't need persistent storage, neither a configuration interface. Is this something you'd like to use?
change/disable the HTTP port
That sounds like a worthwhile option.
locate where in the code I can modify the default HTTP port (80) so I can change it?
hugusmaximus
Hi! I wonder if there's any plan to add more options to the current ones ( --configuration-port, --frontend-port, --key).
Specifically, I was looking for some way to change the listening IP for configuration something like " --configuration-ip", so I can change this to listen on some private or loopback IP not exposed to Internet (in example, 127.0.0.1).
Also, another nice APPLICATION OPTION would be to be able to change/disable the HTTP port, I mean, you may want to configure it on another port (i.e. 10080) or you may want to completely disable HTTP port (which is my case).
As I don't expect those features to be in the roadmap, would you kindly help me locate where in the code I can modify the default HTTP port (80) so I can change it?
Best,