View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0010589 | Taler | deployment and operations | public | 2025-11-12 20:09 | 2025-12-07 11:21 |
| Reporter | vecirex | Assigned To | vecirex | ||
| Priority | low | Severity | feature | Reproducibility | N/A |
| Status | confirmed | Resolution | open | ||
| Target Version | post-1.0 | ||||
| Summary | 0010589: useful in deployment cases: systemd unit for proxying IPv4/IPv6 https traffic to ports > 1024 | ||||
| Description | Merchant or other operators of taler server components (e.g., exchanges) might find it useful to run unprivileged podman (or other) containers w/ TCP ports exposed > 1024 only. I've running code, but more checks needed for safe and productive usage; also to be made dynamic and tested on other systems (here it's SuSE GNU/Linux Tumbleweed): koopa:/var/lib/systemd # systemctl list-units | grep proxy https-proxy@8081.service loaded active running Proxy for incoming HTTPS traffic to port 8081 system-https\x2dproxy.slice loaded active active Slice /system/https-proxy https-proxy.socket loaded active running Forward incoming HTTPS traffic to local port 8081 koopa:/var/lib/systemd # nmap 127.0.0.1 | grep 8081 8081/tcp open blackice-icecap koopa:/var/lib/systemd # nmap -6 ::1 | grep 8081 8081/tcp open blackice-icecap koopa:/var/lib/systemd # ss -ltn sport = :443 State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 512 *:443 *:* koopa:/var/lib/systemd # | ||||
| Tags | No tags attached. | ||||
|
|
To be committed to taler-deployment: https://git.taler.net/taler-deployment.git/ |
|
|
Low prio, we want those to use self-provisioning. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2025-11-12 20:09 | vecirex | New Issue | |
| 2025-11-12 20:11 | vecirex | Note Added: 0026407 | |
| 2025-11-12 20:13 | vecirex | Assigned To | => vecirex |
| 2025-11-12 20:13 | vecirex | Status | new => assigned |
| 2025-11-12 20:20 | vecirex | Description Updated | |
| 2025-12-07 11:21 | Christian Grothoff | Priority | normal => low |
| 2025-12-07 11:21 | Christian Grothoff | Status | assigned => confirmed |
| 2025-12-07 11:21 | Christian Grothoff | Target Version | => post-1.0 |
| 2025-12-07 11:21 | Christian Grothoff | Note Added: 0026804 |
