3 # Note: In theory, all this can be done by 'pveproxy' daemon. But some
4 # API call still have blocking code, so we use a separate daemon to avoid
5 # that the console gets blocked.
7 $ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin';
9 delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
20 use base
qw(PVE::Daemon);
22 $SIG{'__WARN__'} = sub {
27 syslog
('warning', "%s", $t);
31 my $cmdline = [$0, @ARGV];
33 my %daemon_options = (
34 max_workers
=> 1, # todo: do we need more?
35 restart_on_error
=> 5,
37 leave_children_open_on_reload
=> 1,
40 pidfile
=> '/var/run/pveproxy/spiceproxy.pid',
43 my $daemon = __PACKAGE__-
>new('spiceproxy', $cmdline, %daemon_options);
48 # we use same ALLOW/DENY/POLICY as pveproxy
49 my $proxyconf = PVE
::API2Tools
::read_proxy_config
();
51 my $accept_lock_fn = "/var/lock/spiceproxy.lck";
53 my $lockfh = IO
::File-
>new(">>${accept_lock_fn}") ||
54 die "unable to open lock file '${accept_lock_fn}' - $!\n";
56 my $socket = $self->create_reusable_socket(3128);
58 $self->{server_config
} = {
59 base_handler_class
=> 'PVE::API2',
62 lockfile
=> $accept_lock_fn,
65 debug
=> $self->{debug
},
68 logfile
=> '/var/log/pveproxy/access.log',
69 allow_from
=> $proxyconf->{ALLOW_FROM
},
70 deny_from
=> $proxyconf->{DENY_FROM
},
71 policy
=> $proxyconf->{POLICY
},
78 my $server = PVE
::HTTPServer-
>new(%{$self->{server_config
}});
82 $daemon->register_start_command();
83 $daemon->register_restart_command(1);
84 $daemon->register_stop_command();
85 $daemon->register_status_command();
88 start
=> [ __PACKAGE__
, 'start', []],
89 restart
=> [ __PACKAGE__
, 'restart', []],
90 stop
=> [ __PACKAGE__
, 'stop', []],
91 status
=> [ __PACKAGE__
, 'status', [], undef, sub { print shift . "\n";} ],
96 PVE
::CLIHandler
::handle_cmd
($cmddef, $0, $cmd, \
@ARGV, undef, $0);
104 spiceproxy - SPICE proxy server for Proxmox VE
112 SPICE proxy server for Proxmox VE. Listens on port 3128.
114 =head1 Host based access control
116 It is possible to configure apache2 like access control lists. Values are read
117 from file /etc/default/pveproxy (see 'pveproxy' for details).
121 /etc/default/pveproxy
123 =include pve_copyright