d1f531a160
If cockpit-ws runs behind a reverse proxy that does the TLS termination, it rejects non-GnuTLS connections with a https:// origin with received request from bad Origin: https://localhost:9090 This previously required setting `Origins` in cockpit.conf to make this work. Introduce a new `--for-tls-proxy` option to cockpit-ws which switches the default Origin checking to https-only. With that, no cockpit.conf modifications are required for local proxies. This is implemented by a new `for-tls-proxy` property in `CockpitWebServer`, which gets plumbed through the Origins check in `cockpit_web_service_create_socket()`. This is mostly intended for the upcoming external "cockpit-tls" proxy which externalizes TLS termination, so that this does not have to modify cockpit.conf or inspect/modify the HTTP stream. But it's generally applicable to any local reverse TLS proxy. Fix test-handlers to not call cockpit_handler_socket() with a NULL server, so that reading the property does not cause a warning. Closes #11813 |
||
---|---|---|
.github/ISSUE_TEMPLATE | ||
bots | ||
containers | ||
doc | ||
eslint-plugin-cockpit | ||
examples | ||
node_modules | ||
pkg | ||
po | ||
src | ||
test | ||
tools | ||
.eslintignore | ||
.eslintrc.json | ||
.flowconfig | ||
.gitignore | ||
.tasks | ||
.travis.yml | ||
AUTHORS | ||
COPYING | ||
HACKING.md | ||
Makefile.am | ||
README.md | ||
Vagrantfile | ||
autogen.sh | ||
configure.ac | ||
package.json | ||
webpack.config.js |
README.md
Cockpit
A sysadmin login session in a web browser
Cockpit is an interactive server admin interface. It is easy to use and very lightweight. Cockpit interacts directly with the operating system from a real Linux session in a browser.
Using Cockpit
You can install Cockpit on many Linux operating systems including Debian, Fedora and RHEL.
Cockpit makes Linux discoverable, allowing sysadmins to easily perform tasks such as starting containers, storage administration, network configuration, inspecting logs and so on.
Jumping between the terminal and the web tool is no problem. A service started via Cockpit can be stopped via the terminal. Likewise, if an error occurs in the terminal, it can be seen in the Cockpit journal interface.
On the Cockpit dashboard, you can easily add other machines with Cockpit installed that are accessible via SSH.
Development
- Making changes to Cockpit
- How to contribute, developer documentation
- IRC Channel: #cockpit on FreeNode
- Mailing List
- Guiding Principles
- Release Notes
- Privacy Policy