puppet-watcher/default-bind_host-7ab540eba59c4135.yaml at master - puppet-watcher - OpenDev: Free Software Needs Free Tools

openstack/puppet-watcher

Takashi Kajinami 388e3a2dfb Stop listening at 0.0.0.0 by default

Usage of 0.0.0.0 exposes API endpoint to all networks and can cause
unexpected leakage. This change updates the default to use more
restricted address (127.0.0.1, which is the default defined in Watcher
itself) unless the address is given by a user explicitly.

Change-Id: Ibc895cf2b06d3b0c1b2073d8d6aa90d7d6f299d2

2022-08-15 02:19:13 +09:00

7 lines

223 B

YAML

Raw Permalink Blame History

 ---
 upgrade:
   - |
     Default value of the ``watcher::api::bind_host`` parameter has been changed
     from ``0.0.0.0`` to the service default(``127.0.0.1``). The parameter
     should be configured propelry during upgrade.