Proxmox API

Ashley · Oct 27, 2016

Hello,

Is it possible to restrict the API to a single IP only, without having to use a firewall / iptables level rule which would restrict access to the full 8006 interface.

Thanks,
Ashley

dietmar · Oct 27, 2016

see 'man pveproxy' (Host based access control).

Ashley · Oct 27, 2016

Hello,

Thanks, did have a read of that before however makes it sound like it is for the whole port 8006 from how I understand it.

Setting host based access on this will it still allow other IP's to connect to the standard PVEGUI from other IPs'?

,Ashley

dcsapak · Oct 27, 2016

Ashley said:
Thanks, did have a read of that before however makes it sound like it is for the whole port 8006 from how I understand it.

Setting host based access on this will it still allow other IP's to connect to the standard PVEGUI from other IPs'?

since the api and the webgui run with the same webserver, you cannot seperate access between those two.
also, even if you could, the webgui does everything via the api, so if you cannot reach the api, you cannot do anything on the webgui

Ashley · Oct 27, 2016

Hello,

Thanks for confirming, I just wished to lock the API down to local only + one external IP, but continue to allow GUI access.

However understand both running on the same backed server, thanks for confirming.

fabian · Oct 27, 2016

the GUI is a javascript API client, so this is not possible.

Search

Search

Proxmox API

Ashley

Member

dietmar

Proxmox Staff Member

Ashley

Member

dcsapak

Proxmox Staff Member

Ashley

Member

fabian

Proxmox Staff Member

We value your privacy